urlscan.io logo urlscan.io
SecurityTrails logo

vnexpress.net Open in urlscan Pro
111.65.250.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vnexpress.net/
Effective URL: https://vnexpress.net/
Submission: On June 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 135 IPs in 16 countries across 116 domains to perform 587 HTTP transactions. The main IP is 111.65.250.2, located in Viet Nam and belongs to FPTONLINE-AS-VN FPT Online JSC, VN. The main domain is vnexpress.net.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 21st 2021. Valid for: a year.
This is the only time vnexpress.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 111.65.250.2 45894 (FPTONLINE...)
16 2a00:1450:400... 15169 (GOOGLE)
5 111.65.249.130 45894 (FPTONLINE...)
26 142.250.185.66 15169 (GOOGLE)
32 111.65.251.2 45894 (FPTONLINE...)
7 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 180.148.129.21 45894 (FPTONLINE...)
4 2a00:1450:400... 15169 (GOOGLE)
17 2a0b:4d07:102::1 44239 (PROINITY ...)
4 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 13238 (YANDEX)
7 1.55.119.34 18403 (FPT-AS-AP...)
1 50.16.226.23 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.16.186.32 20940 (AKAMAI-ASN1)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 111.65.249.226 45894 (FPTONLINE...)
1 180.148.141.233 45894 (FPTONLINE...)
1 180.148.132.197 45894 (FPTONLINE...)
2 2600:1901:0:9... 15169 (GOOGLE)
1 111.65.249.224 45894 (FPTONLINE...)
18 2a00:1450:400... 15169 (GOOGLE)
1 103.132.192.30 138552 (RTBHOUSE-...)
3 185.64.189.112 62713 (AS-PUBMATIC)
1 7 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2606:4700:e0:... 13335 (CLOUDFLAR...)
8 20 185.33.221.90 29990 (ASN-APPNEX)
1 178.250.0.165 44788 (ASN-CRITE...)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 111.65.249.131 45894 (FPTONLINE...)
8 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 180.148.132.75 45894 (FPTONLINE...)
3 111.65.248.197 45894 (FPTONLINE...)
19 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 35.171.241.0 14618 (AMAZON-AES)
2 3.219.93.236 14618 (AMAZON-AES)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
2 3 52.29.14.143 16509 (AMAZON-02)
1 34.192.164.183 14618 (AMAZON-AES)
1 52.57.10.248 16509 (AMAZON-02)
1 193.122.128.135 31898 (ORACLE-BM...)
5 178.162.133.149 60781 (LEASEWEB-...)
5 51.89.9.254 16276 (OVH)
12 2.18.233.180 16625 (AKAMAI-AS)
6 7 213.19.147.44 26120 (RHYTHMONE)
1 13.58.174.102 16509 (AMAZON-02)
2 213.19.147.43 3356 (LEVEL3)
1 3.123.110.9 16509 (AMAZON-02)
2 3 2.18.234.233 16625 (AKAMAI-AS)
12 16 142.250.185.130 15169 (GOOGLE)
1 3 52.94.232.32 16509 (AMAZON-02)
2 18.197.54.206 16509 (AMAZON-02)
1 111.65.248.227 45894 (FPTONLINE...)
1 125.212.217.46 7552 (VIETEL-AS...)
1 54.195.94.143 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
5 185.64.190.78 62713 (AS-PUBMATIC)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
4 52.57.141.238 16509 (AMAZON-02)
2 2.18.235.40 16625 (AKAMAI-AS)
6 104.109.78.125 16625 (AKAMAI-AS)
3 151.101.13.108 54113 (FASTLY)
3 69.173.144.165 26667 (RUBICONPR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
7 54.39.16.115 16276 (OVH)
1 10 35.244.159.8 15169 (GOOGLE)
22 144.217.254.84 16276 (OVH)
5 5 185.29.133.58 30419 (MEDIAMATH...)
3 3 2620:116:800d... 16509 (AMAZON-02)
5 7 37.157.3.29 198622 (ADFORM)
5 7 13.248.242.197 16509 (AMAZON-02)
1 2a0c:5c81:513... 55081 (24SHELLS)
3 4 35.186.253.211 15169 (GOOGLE)
1 3 62.149.0.72 15497 (COLOCALL ...)
1 162.55.3.17 24940 (HETZNER-AS)
2 104.16.68.69 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 213.155.156.166 1299 (TELIANET ...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
2 26 185.64.190.80 62713 (AS-PUBMATIC)
2 185.64.189.114 62713 (AS-PUBMATIC)
3 3 51.210.112.236 16276 (OVH)
7 10 34.251.130.56 16509 (AMAZON-02)
1 19 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 159.253.128.183 36351 (SOFTLAYER)
3 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
3 5 52.49.40.147 16509 (AMAZON-02)
1 1 162.55.6.213 24940 (HETZNER-AS)
1 1 87.98.128.108 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 72.251.241.196 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 3 151.101.13.44 54113 (FASTLY)
1 38.91.45.7 398989 (DEEPINTENT)
2 4 35.227.248.159 15169 (GOOGLE)
4 4 3.66.135.160 16509 (AMAZON-02)
1 1 34.236.65.196 14618 (AMAZON-AES)
1 38.27.122.158 174 (COGENT-174)
1 2 35.201.96.126 15169 (GOOGLE)
1 2 77.243.60.138 42697 (NETIC-AS)
1 3 54.78.254.47 16509 (AMAZON-02)
3 4 3.126.56.137 16509 (AMAZON-02)
5 6 18.158.181.33 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
4 5 151.101.114.49 54113 (FASTLY)
3 3 2001:678:cb4:... 56396 (TURN)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.196.12 14061 (DIGITALOC...)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 54.247.114.64 16509 (AMAZON-02)
1 1 34.239.198.206 14618 (AMAZON-AES)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 6 46.249.52.249 50673 (SERVERIUS-AS)
3 7 34.193.191.157 14618 (AMAZON-AES)
7 5.178.65.245 50673 (SERVERIUS-AS)
5 5.178.65.252 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 168.119.149.178 24940 (HETZNER-AS)
2 2 88.214.206.142 46636 (NATCOWEB)
1 1 2a00:7c80:0:1... 49981 (WORLDSTREAM)
1 1 2.19.35.65 16625 (AKAMAI-AS)
3 13 2.18.234.21 16625 (AKAMAI-AS)
1 2607:ae80:5::49 26558 (FREEWHEEL)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
4 4 54.170.210.188 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.102 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 52.56.111.113 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
3 52.215.215.228 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 34.237.161.69 14618 (AMAZON-AES)
1 2 52.95.118.60 16509 (AMAZON-02)
2 2 23.79.143.202 16625 (AKAMAI-AS)
1 34.249.223.226 16509 (AMAZON-02)
1 99.86.241.58 16509 (AMAZON-02)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.158.29.13 12876 (Online SAS)
3 185.64.190.81 62713 (AS-PUBMATIC)
2 2 88.212.252.2 7979 (SERVERS-COM)
1 208.100.17.174 32748 (STEADFAST)
1 1 185.183.112.155 60350 (VP)
1 216.46.185.183 13649 (ASN-VINS)
4 4 54.36.109.155 16276 (OVH)
1 1 2001:678:cb4:... 56396 (TURN)
1 37.157.4.41 198622 (ADFORM)
2 3.121.27.153 16509 (AMAZON-02)
587 135
8    111.65.250.2 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
vnexpress.net
16    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
adservice.google.cz
5    111.65.249.130 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
s.eclick.vn
26    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
32    111.65.251.2 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
PTR: mx1.gatemail.vn
s1.vnecdn.net
s.vnecdn.net
7    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    180.148.129.21 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
logperf.vnexpress.net
4    2a00:1450:4001:82f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
17    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
vcdn1-vnexpress.vnecdn.net
vcdn1-suckhoe.vnecdn.net
s1cdn.vnecdn.net
scdn.eclick.vn
vcdn1-giadinh.vnecdn.net
vcdn1-sohoa.vnecdn.net
vcdn1-giaitri.vnecdn.net
vcdn1-kinhdoanh.vnecdn.net
4    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
7    1.55.119.34 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)
octopus-stream01-cads.fpt.vn
1    50.16.226.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-226-23.compute-1.amazonaws.com
api.ipify.org
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2.16.186.32 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-32.deploy.static.akamaitechnologies.com
ced.sascdn.com
8    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
3    111.65.249.226 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
adp.vnecdn.net
1    180.148.141.233 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
la.vnecdn.net
1    180.148.132.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
la2.vnecdn.net
2    2600:1901:0:98f7:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.hbplatform.com
cdn.fuseplatform.net
1    111.65.249.224 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
g.eclick.vn
18    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
eu-ads.adpone.com
ads.adpone.com
7    2606:4700:e0::ac40:621d (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adxpremium.services
user-sync.adxpremium.services
20    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
secure.adnxs.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    111.65.249.131 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
static.eclick.vn
8    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.cz
5    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
a01a439e6ee0b9dc5f58459ddd2e605e.safeframe.googlesyndication.com
fd9a5d7e6722de8e0614bee05cf8e7b9.safeframe.googlesyndication.com
cc5b498521e182e8f0b783e0dc349d2c.safeframe.googlesyndication.com
1    180.148.132.75 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
gw.vnexpress.net
3    111.65.248.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
usi-saas.vnexpress.net
19    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2606:4700:3030::6815:593f (United States)

ASN13335 (CLOUDFLARENET, US)
solution.urekamedia.com
bd.urekamedia.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
5    2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
10    35.171.241.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
2    3.219.93.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    52.29.14.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
ad.360yield.com
ice.360yield.com
1    34.192.164.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
1    52.57.10.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
5    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
5    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
12    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    13.58.174.102 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-174-102.us-east-2.compute.amazonaws.com
rtb.gamoshi.io
2    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.targeting.unrulymedia.com
tag.1rx.io
1    3.123.110.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
3    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
16    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
3    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    18.197.54.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    111.65.248.227 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
core.polyad.net
1    125.212.217.46 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)
dmp.urekamedia.com
1    54.195.94.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-94-143.eu-west-1.compute.amazonaws.com
acds.prod.vidible.tv
6    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
cdn-ssl.vidible.tv
4    52.57.141.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
trk.vidible.tv
2    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
6    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
6    2606:4700:3033::6815:2384 (United States)

ASN13335 (CLOUDFLARENET, US)
a.vdo.ai
targeting.vdo.ai
7    54.39.16.115 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns555277.ip-54-39-16.net
analytics.vdo.ai
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
eu-u.openx.net
us-u.openx.net
vdoai-d.openx.net
22    144.217.254.84 (Beauharnois, Canada)

ASN16276 (OVH, FR)
h.vdo.ai
5    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
7    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
7    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
3    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
1    162.55.3.17 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.17.3.55.162.clients.your-server.de
loopme.me
2    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
2    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
1    213.155.156.166 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
26    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: ns3175227.ip-51-210-112.eu
pixel.onaudience.com
10    34.251.130.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
19    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
1    87.98.128.108 (France)

ASN16276 (OVH, FR)
green.erne.co
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
4    3.66.135.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-135-160.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.236.65.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-65-196.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    77.243.60.138 (Hjørring, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
3    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
loadeu.exelator.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    18.158.181.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
pool.admedo.com
5    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
3    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
prebid-match.dotomi.com
casale-match.dotomi.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
pixel.sitescout.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    54.247.114.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    34.239.198.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    2606:4700:3037::6815:18da (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.rtbsrv.com
6    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
ads.us.e-planning.net
sync.e-planning.net
7    34.193.191.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
7    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
u-ams02.e-planning.net
5    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
s.e-planning.net
1    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
3    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
sync.richaudience.com
2    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    2a00:7c80:0:121::2 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
ufo.approximity.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
13    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    2607:ae80:5::49 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    54.170.210.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
1    151.1.205.165 (Bellagio, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.102 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    52.56.111.113 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
3    52.215.215.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-215-228.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    34.237.161.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    23.79.143.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-202.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.249.223.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    99.86.241.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-58.vie50.r.cloudfront.net
tags.crwdcntrl.net
8    2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)
js.cookieless-data.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    88.212.252.2 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    208.100.17.174 (United States)

ASN32748 (STEADFAST, US)
ssc-cms.33across.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    216.46.185.183 (Littleton, United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
4    54.36.109.155 (France)

ASN16276 (OVH, FR)
id5-sync.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
1    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
53 vnecdn.net
s1.vnecdn.net Failed
vcdn1-vnexpress.vnecdn.net
vcdn1-suckhoe.vnecdn.net
s1cdn.vnecdn.net
adp.vnecdn.net
la.vnecdn.net
la2.vnecdn.net
vcdn1-giadinh.vnecdn.net
vcdn1-sohoa.vnecdn.net
vcdn1-giaitri.vnecdn.net
vcdn1-kinhdoanh.vnecdn.net
s.vnecdn.net
1 MB
51 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
simage4.pubmatic.com
147 KB
46 doubleclick.net
securepubads.g.doubleclick.net Failed
stats.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net Failed
582 KB
42 googlesyndication.com
pagead2.googlesyndication.com
7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
tpc.googlesyndication.com
a01a439e6ee0b9dc5f58459ddd2e605e.safeframe.googlesyndication.com
fd9a5d7e6722de8e0614bee05cf8e7b9.safeframe.googlesyndication.com
cc5b498521e182e8f0b783e0dc349d2c.safeframe.googlesyndication.com
260 KB
35 vdo.ai
a.vdo.ai
targeting.vdo.ai
analytics.vdo.ai
h.vdo.ai
3 MB
23 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
68 KB
19 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
6 KB
18 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
19 KB
18 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
302 KB
17 google.com
www.google.com
analytics.google.com
adservice.google.com
4 KB
14 openx.net
ureka-d.openx.net Failed
u.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
vdoai-d.openx.net
3 KB
13 casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
15 KB
13 google-analytics.com
www.google-analytics.com Failed
93 KB
13 vnexpress.net
vnexpress.net
logperf.vnexpress.net Failed
gw.vnexpress.net
usi-saas.vnexpress.net
158 KB
12 rubiconproject.com
prebid-server.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
33 KB
12 googleapis.com
storage.googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
980 KB
12 googletagservices.com
www.googletagservices.com
375 KB
11 crwdcntrl.net
sync.crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
17 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
137 KB
8 quantumdex.io
sync.quantumdex.io
4 KB
8 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
5 KB
8 adform.net
c1.adform.net
dmp.adform.net
cm.adform.net
3 KB
8 eclick.vn
s.eclick.vn Failed
scdn.eclick.vn
g.eclick.vn
static.eclick.vn
152 KB
7 audrte.com
a.audrte.com
8 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 vidible.tv
acds.prod.vidible.tv
cdn-ssl.vidible.tv
trk.vidible.tv
111 KB
7 adxpremium.services
rtb.adxpremium.services
user-sync.adxpremium.services
8 KB
7 adpone.com
rtb.adpone.com
eu-ads.adpone.com
ads.adpone.com
5 KB
7 fpt.vn
octopus-stream01-cads.fpt.vn
131 KB
7 googletagmanager.com
www.googletagmanager.com Failed
289 KB
6 bidswitch.net
x.bidswitch.net
2 KB
6 mathtag.com
sync.mathtag.com
pixel.mathtag.com
3 KB
6 1rx.io
sync.1rx.io
tag.1rx.io
3 KB
5 everesttech.net
sync-tm.everesttech.net
2 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
2 KB
5 onetag-sys.com
onetag-sys.com
3 KB
5 sonobi.com
sync.go.sonobi.com
2 KB
5 urekamedia.com
solution.urekamedia.com
bd.urekamedia.com
dmp.urekamedia.com
32 KB
5 ampproject.org
cdn.ampproject.org
101 KB
5 yandex.com
mc.yandex.com
2 KB
5 google.de
www.google.de
adservice.google.de
563 B
4 id5-sync.com
id5-sync.com
6 KB
4 krxd.net
beacon.krxd.net
usermatch.krxd.net
1 KB
4 demdex.net
dpm.demdex.net
4 KB
4 turn.com
ad.turn.com
d.turn.com
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 tapad.com
pixel.tapad.com
1 KB
4 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
2 KB
3 richaudience.com
sync.richaudience.com
743 B
3 dotomi.com
pubmatic-match.dotomi.com
prebid-match.dotomi.com
casale-match.dotomi.com
393 B
3 exelator.com
loadm.exelator.com
loadeu.exelator.com
4 KB
3 taboola.com
trc.taboola.com
match.taboola.com
607 B
3 onaudience.com
pixel.onaudience.com
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 2mdn.net
s0.2mdn.net
49 KB
3 stickyadstv.com
ads.stickyadstv.com
2 KB
3 unrulymedia.com
tag.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 360yield.com
ad.360yield.com
ice.360yield.com
964 B
3 google.cz
adservice.google.cz
1 KB
3 criteo.com
bidder.criteo.com
gum.criteo.com
dis.criteo.com
2 KB
2 eyeota.net
ps.eyeota.net
2 KB
2 betweendigital.com
ads.betweendigital.com
925 B
2 bluekai.com
tags.bluekai.com
641 B
2 weborama.fr
idsync.frontend.weborama.fr
843 B
2 tidaltv.com
sync.tidaltv.com
791 B
2 admanmedia.com
cs.admanmedia.com
829 B
2 rtbsrv.com
dmp.rtbsrv.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
pixel.sitescout.com
625 B
2 admedo.com
pool.admedo.com
715 B
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1008 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 adgrx.com
cm.adgrx.com
816 B
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 connectad.io
cdn.connectad.io
sync-eu.connectad.io
970 B
2 districtm.io
dmx.districtm.io
cdn.districtm.io
317 B
2 loopme.me
loopme.me
csync.loopme.me
410 B
2 moatads.com
z.moatads.com
px.moatads.com
44 KB
2 advertising.com
pixel.advertising.com
ads.adaptv.advertising.com
1 KB
2 criteo.net
static.criteo.net
53 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 yandex.ru
mc.yandex.ru
70 KB
1 ib-ibi.com
global.ib-ibi.com
72 B
1 adotmob.com
sync.adotmob.com
689 B
1 33across.com
ssc-cms.33across.com
1 cookieless-data.com
js.cookieless-data.com
367 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
381 B
1 theadex.com
dmp.theadex.com
378 B
1 bemail.it
bn01.er.bemail.it
659 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 approximity.com
ufo.approximity.com
280 B
1 navdmp.com
tag.navdmp.com
4 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
335 B
1 playground.xyz
ads.playground.xyz
487 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 bnmla.com
match.bnmla.com
114 B
1 stackadapt.com
sync.srv.stackadapt.com
651 B
1 deepintent.com
match.deepintent.com
44 B
1 contextweb.com
bh.contextweb.com
462 B
1 ad4m.at
ad4m.at
1009 B
1 erne.co
green.erne.co
326 B
1 de17a.com
d5p.de17a.com
134 B
1 polyad.net
core.polyad.net
485 B
1 gamoshi.io
rtb.gamoshi.io
320 B
1 technoratimedia.com
sync.technoratimedia.com
1 creativecdn.com
prebid-asia.creativecdn.com
175 B
1 fuseplatform.net
cdn.fuseplatform.net
78 KB
1 hbplatform.com
cdn.hbplatform.com
16 KB
1 sascdn.com
ced.sascdn.com
12 KB
1 ipify.org
api.ipify.org
229 B
0 avct.cloud Failed
ads.avct.cloud Failed
587 116
Domain Requested by
31 s1.vnecdn.net vnexpress.net
s1.vnecdn.net
26 securepubads.g.doubleclick.net vnexpress.net
www.googletagservices.com
securepubads.g.doubleclick.net
bd.urekamedia.com
22 h.vdo.ai a.vdo.ai
19 simage2.pubmatic.com 1 redirects ads.pubmatic.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
vnexpress.net
7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
vnexpress.net
www.googletagservices.com
srcdoc
17 ib.adnxs.com 7 redirects s.eclick.vn
player.aniview.com
acdn.adnxs.com
a.vdo.ai
spl.zeotap.com
16 cm.g.doubleclick.net 12 redirects u.openx.net
bcp.crwdcntrl.net
15 mwzeom.zeotap.com ads.pubmatic.com
ads.us.e-planning.net
13 www.google-analytics.com vnexpress.net
www.google-analytics.com
www.googletagmanager.com
12 ads.pubmatic.com player.aniview.com
ads.pubmatic.com
s.eclick.vn
user-sync.adxpremium.services
ads.us.e-planning.net
a.vdo.ai
12 www.googletagservices.com vnexpress.net
securepubads.g.doubleclick.net
7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
10 track1.aniview.com vnexpress.net
player.aniview.com
8 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
8 www.google.com vnexpress.net
securepubads.g.doubleclick.net
7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 vcdn1-vnexpress.vnecdn.net vnexpress.net
8 vnexpress.net 1 redirects vnexpress.net
s1.vnecdn.net
7 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
7 u-ams02.e-planning.net ads.us.e-planning.net
ads.pubmatic.com
ssum.casalemedia.com
7 a.audrte.com 3 redirects ads.pubmatic.com
ads.us.e-planning.net
a.audrte.com
7 image2.pubmatic.com 1 redirects ads.pubmatic.com
7 sync.crwdcntrl.net 5 redirects bcp.crwdcntrl.net
7 match.adsrvr.org 5 redirects u.openx.net
ssum.casalemedia.com
7 analytics.vdo.ai a.vdo.ai
7 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
7 octopus-stream01-cads.fpt.vn vnexpress.net
octopus-stream01-cads.fpt.vn
7 www.googletagmanager.com vnexpress.net
www.googletagmanager.com
a.vdo.ai
6 x.bidswitch.net 5 redirects ssum-sec.casalemedia.com
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
ads.us.e-planning.net
user-sync.adxpremium.services
6 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
a.vdo.ai
5 s.e-planning.net ads.us.e-planning.net
5 sync-tm.everesttech.net 4 redirects ssum-sec.casalemedia.com
5 match.prod.bidr.io 3 redirects ads.pubmatic.com
u.openx.net
5 sync.mathtag.com 5 redirects
5 a.vdo.ai vnexpress.net
a.vdo.ai
5 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
5 sync.1rx.io 4 redirects player.aniview.com
5 onetag-sys.com player.aniview.com
a.vdo.ai
sync.quantumdex.io
5 sync.go.sonobi.com player.aniview.com
ads.us.e-planning.net
sync.quantumdex.io
5 player.aniview.com solution.urekamedia.com
player.aniview.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 rtb.adxpremium.services s.eclick.vn
s.adtelligent.com
ads.pubmatic.com
ads.us.e-planning.net
5 rtb.adpone.com s.eclick.vn
5 mc.yandex.com 2 redirects vnexpress.net
5 s.eclick.vn vnexpress.net
s1cdn.vnecdn.net
4 id5-sync.com 4 redirects
4 dpm.demdex.net 4 redirects
4 ups.analytics.yahoo.com 3 redirects ssum-sec.casalemedia.com
4 pm.w55c.net 4 redirects
4 pixel.tapad.com 2 redirects ads.pubmatic.com
spl.zeotap.com
4 spl.zeotap.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
4 rtb.openx.net 3 redirects u.openx.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 trk.vidible.tv
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 storage.googleapis.com vnexpress.net
storage.googleapis.com
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum.casalemedia.com
3 simage4.pubmatic.com ads.pubmatic.com
3 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
bcp.crwdcntrl.net
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 dmp.adform.net 2 redirects spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
3 ads.us.e-planning.net 2 redirects user-sync.adxpremium.services
3 ad.turn.com 3 redirects
3 pr-bh.ybp.yahoo.com ads.pubmatic.com
u.openx.net
ssum-sec.casalemedia.com
3 pixel.onaudience.com 3 redirects
3 sync.adtelligent.com 1 redirects s.adtelligent.com
3 us-u.openx.net u.openx.net
3 pixel.quantserve.com 3 redirects
3 eu-u.openx.net u.openx.net
3 u.openx.net 1 redirects s.eclick.vn
a.vdo.ai
3 token.rubiconproject.com eus.rubiconproject.com
3 acdn.adnxs.com player.aniview.com
s.eclick.vn
a.vdo.ai
3 s0.2mdn.net imasdk.googleapis.com
3 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
3 ads.stickyadstv.com 2 redirects
3 secure.adnxs.com 1 redirects player.aniview.com
ssum.casalemedia.com
3 adservice.google.cz securepubads.g.doubleclick.net
3 usi-saas.vnexpress.net s1.vnecdn.net
3 hbopenbid.pubmatic.com s.eclick.vn
player.aniview.com
a.vdo.ai
3 adp.vnecdn.net s1cdn.vnecdn.net
s.eclick.vn
3 www.google.de vnexpress.net
2 ps.eyeota.net
2 ads.betweendigital.com 2 redirects
2 tags.bluekai.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 cs.admanmedia.com 2 redirects
2 dmp.rtbsrv.com 2 redirects
2 pool.admedo.com 2 redirects
2 loadm.exelator.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 1 redirects ads.pubmatic.com
2 trc.taboola.com 1 redirects spl.zeotap.com
2 cm.adgrx.com ads.pubmatic.com
ssum.casalemedia.com
2 sync.targeting.unrulymedia.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 user-sync.adxpremium.services s.eclick.vn
user-sync.adxpremium.services
2 cdn-ssl.vidible.tv acds.prod.vidible.tv
player.aniview.com
2 prebid-server.rubiconproject.com player.aniview.com
2 ad.360yield.com 2 redirects
2 go1.aniview.com player.aniview.com
2 bd.urekamedia.com player.aniview.com
2 encrypted-tbn1.gstatic.com 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
2 encrypted-tbn3.gstatic.com 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
2 solution.urekamedia.com vnexpress.net
2 static.criteo.net s.eclick.vn
static.criteo.net
2 fonts.gstatic.com fonts.googleapis.com
2 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
2 vcdn1-giaitri.vnecdn.net vnexpress.net
2 sync.search.spotxchange.com 1 redirects vnexpress.net
2 analytics.google.com www.googletagmanager.com
2 mc.yandex.ru 1 redirects vnexpress.net
2 s1cdn.vnecdn.net vnexpress.net
s1.vnecdn.net
1 cm.adform.net
1 d.turn.com 1 redirects
1 global.ib-ibi.com bcp.crwdcntrl.net
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 cdn.districtm.io a.vdo.ai
1 ssc-cms.33across.com sync.quantumdex.io
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 secure-assets.rubiconproject.com 1 redirects
1 ufo.approximity.com 1 redirects
1 prebid-match.dotomi.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 pixel.sitescout.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.bnmla.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 dis.criteo.com 1 redirects
1 d5p.de17a.com ads.pubmatic.com
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io user-sync.adxpremium.services
1 dmx.districtm.io a.vdo.ai
1 vdoai-d.openx.net a.vdo.ai
1 loopme.me a.vdo.ai
1 s.adtelligent.com user-sync.adxpremium.services
1 ads.adpone.com s.eclick.vn
1 eu-ads.adpone.com 1 redirects
1 targeting.vdo.ai a.vdo.ai
1 cc5b498521e182e8f0b783e0dc349d2c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 px.moatads.com
1 z.moatads.com cdn-ssl.vidible.tv
1 acds.prod.vidible.tv player.aniview.com
1 dmp.urekamedia.com vnexpress.net
1 core.polyad.net s.vnecdn.net
1 tag.1rx.io player.aniview.com
1 ads.adaptv.advertising.com player.aniview.com
cdn-ssl.vidible.tv
1 ice.360yield.com player.aniview.com
1 tag.targeting.unrulymedia.com player.aniview.com
1 rtb.gamoshi.io player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 pixel.advertising.com player.aniview.com
1 sync.aniview.com player.aniview.com
1 s.vnecdn.net www.googletagmanager.com
1 gum.criteo.com static.criteo.net
1 fd9a5d7e6722de8e0614bee05cf8e7b9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 vcdn1-kinhdoanh.vnecdn.net vnexpress.net
1 encrypted-tbn2.gstatic.com 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
1 encrypted-tbn0.gstatic.com 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
1 www.gstatic.com 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 a01a439e6ee0b9dc5f58459ddd2e605e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 gw.vnexpress.net s1.vnecdn.net
1 vcdn1-sohoa.vnecdn.net vnexpress.net
1 vcdn1-giadinh.vnecdn.net vnexpress.net
1 static.eclick.vn vnexpress.net
1 bidder.criteo.com s.eclick.vn
1 prebid-asia.creativecdn.com s.eclick.vn
1 g.eclick.vn scdn.eclick.vn
1 cdn.fuseplatform.net cdn.hbplatform.com
1 scdn.eclick.vn s.eclick.vn
1 cdn.hbplatform.com vnexpress.net
1 la2.vnecdn.net vnexpress.net
1 la.vnecdn.net s1cdn.vnecdn.net
1 ced.sascdn.com storage.googleapis.com
1 ajax.googleapis.com storage.googleapis.com
1 api.ipify.org storage.googleapis.com
1 vcdn1-suckhoe.vnecdn.net vnexpress.net
1 logperf.vnexpress.net vnexpress.net
0 ads.avct.cloud Failed u.openx.net
0 pubads.g.doubleclick.net Failed imasdk.googleapis.com
0 ureka-d.openx.net Failed s.eclick.vn
587 215
Subject Issuer Validity Valid
*.vnexpress.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-01-21 -
2022-02-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.eclick.vn
GlobalSign GCC R3 DV TLS CA 2020		 2021-01-21 -
2022-02-22		 a year crt.sh
*.vnecdn.net
Sectigo RSA Domain Validation Secure Server CA		 2019-12-09 -
2022-03-08		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-05-17 -
2021-08-09		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.fpt.vn
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-14 -
2022-05-15		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-19 -
2022-02-19		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.cdn.fuseplatform.net
R3		 2021-05-30 -
2021-08-28		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.cz
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
rtb.gamoshi.io
R3		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.360yield.com
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.polyad.net
Sectigo RSA Domain Validation Secure Server CA		 2021-01-22 -
2022-02-22		 a year crt.sh
dmp.urekamedia.com
R3		 2021-05-08 -
2021-08-06		 3 months crt.sh
acds.prod.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-01-26 -
2021-07-20		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-05-17 -
2021-11-10		 6 months crt.sh
trk.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2021-02-09 -
2021-08-03		 6 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.vdo.ai
Go Daddy Secure Certificate Authority - G2		 2019-10-15 -
2021-10-15		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-06-06 -
2021-09-04		 3 months crt.sh
sync.adtelligent.com
R3		 2021-06-05 -
2021-09-03		 3 months crt.sh
loopme.me
R3		 2021-05-12 -
2021-08-10		 3 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
visitor.fiftyt.com
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
ads.us.e-planning.net
R3		 2021-05-24 -
2021-08-22		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.e-planning.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2021-06-08 -
2022-07-07		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-05-15 -
2021-08-13		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-03-08		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
*.eyeota.net
R3		 2021-04-29 -
2021-07-28		 3 months crt.sh

This page contains 96 frames:

Primary Page: https://vnexpress.net/
Frame ID: 1F102D326ABB0DFE34926D8004959960
Requests: 241 HTTP requests in this frame

Frame: https://g.eclick.vn/delivery/eclookup.html?fosp_aid=fxuh9ku3npevl2ct.1623373603.des&orig_aid=fxuh9ku3npevl2ct.1623373603.des&myvne_user_id=0
Frame ID: 2564AF6597A5FDCF661820D6BAD390CF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDJFCYUxF6vcTPGBYwa0Kx3YNlXMsAJiGGd9_RaH5JJmozu3j495LNvyuC5FixuABPtuLCwHNP8HAojsOv_H1HWhc04LeKjYflXm4lEYI1-YhhsKvZ6NI89Vd3nH8h7UNPn_vC4JekIyvypPm8aaPecIPFzy3QxLVQ5T1IWJVM7s3-HG08mDypogo-nNZRXmn67kRjT_2md9SBUMWSRNTTn9t8rh-QKRAvW4OqOMQbTvVh3ruBUzKTxnLvPlfEgFgXT1yruY5wo52dn9m7fPhzCCvhzpl_CsqB8eXWk69PP6mXvczrx_dSd7aP2kmx4HTDXy9JM9qnqw&sai=AMfl-YQLHVVNnpk3QZBzWs0BWd7gEMfsl0V9tagdlN6G8tEBFGh1pcaHvHs0vQxQ8P1GN_orX4neMjbKJgEa07o09yydMwFJgtJyJaz_1AdcYfr_XMwyzi7u5Popyg_GX2Ed&sig=Cg0ArKJSzNcYp9_6YzzzEAE&urlfix=1&adurl=
Frame ID: 11B0058E0BFB7BC0247AF89D537A536E
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEmqLp8Yk9JDOxj0xBiNB9H64vaq7nNButRybvy_OCZB0855pMt_LfIDMvT_w_dfaXy9lIb5rhzU0vVa8CFb1GvuDLt25rE6RF0p5Xzd7xGP6qWGrYbTMwTfy_KT-tBPO3Zw0W_DCmEqAzD4JtQD9M9Ew2Ea3SNAXC1ahZndn-Z778MkBqZ93ZDWySknAXniwngFsZlHSEGdJllRX4eh8FijZSX0u-XnBmnQenUCgVG1E7Oal9-VxirzagTBU4IpAmgGPyRF--iNEO8vaI8BRR7YUUcjNNMt7dzjJnc4sH9-heU62kzZDPeC35WH5_kec&sai=AMfl-YS6onw2_Rp53WyUwppfPUGNTr0D8h6gIJj7i3IsHVQ-IaQZG9epCCPVyKkg1iNgkdrNIoWdMP3kllZl58vN5KAm_teYJC8_IrGfifrQx84BuDIiMU0DftVQKnt78r-7&sig=Cg0ArKJSzBSDycbXsNytEAE&adurl=
Frame ID: A5C665C7C2A2F4A2BC3E7E052DF1A8B0
Requests: 7 HTTP requests in this frame

Frame: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CAF93F988539D8BBE8D8C30E61B37AC3
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 17B25B0A4230D403EBD81724B50274F0
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstot3coVado15xYTNQgZkeDf35rb1R2IVm94xFZ_KAB7m4ykKWfLNtEyYlkIy8EoQBl_l28NCvekSPKmtZ9X55Af-Vi3UOInIP8tBe6dquXbmQlVz13q2rXXl6lJL52JzX-B0m2SoBb4aTuVP3k4BOWwsiT7LjS02m-xLFKyohjkWC8MAHN5rgU4NFs6iovQb7P18swAxoir3DhmGrZe7XFWhOfftTHJ5qBMEhmIonlK7G479vCHmacU1RmqTgjUHlDmCtW8PF6CQmNksi4kDh5SDuBOlw_CG4pb0WZJ3ztBpWnc2JTyh2WpQeCHuewNbmp7TmFb0HSu_XypBlOi7dJNKvV&sig=Cg0ArKJSzJ8u59SjXcguEAE&urlfix=1&adurl=
Frame ID: 70864FAB3333B287C5021AA6924DC33C
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Frame ID: 45E6AB80278F3DE6CBAE8E9E1FD98856
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 6348F2C8275BBBDD652B3500870F7D5D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B732433EA90FA6E1FFA5838B75625145
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8767DC3660B71D0F52C1836B70F9FB2A
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net
Frame ID: 082DC2FF3FBFE8FD1C04B75B391BF8C5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 30E7748035617553F33BCE5FE86A929B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D1B781049F8ECF6BA8C8D4CC175753AC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmEc2WRaWhzJiC3rJCLwjLIu2WwFi8GmddMivdNXWxqkcgqXIUGMwRzQbMq0iNFzTaQ5xzVNrbN2RrXriaxJCtq_0xY7wtfgFYsqAaXsidkt-u4N21QdV6MJdqW-v0MHz_V7BETS8PoUQ1DWBe4hgIpmhpT4boGJge9AqYio1csu_mc3Sid_wPCnR67tAro5ZzoNIYoMZxR9bLqn-vd3Ye9pcRAiF4S7XSvhrlYh-lLdRIIcpF3v8mNkJE0LBquN0S1-m4fUGyg8QX3ieu7e_IoPm9IF1B-gazLO3AS1zaVZyxPdCKJ23cCtCQWCoqAW-r1ahpi24Cu33A5Q&sai=AMfl-YSwrk0X_bf1GvypF9LtMwEoqjd57J1qKof_VHP1Nvv-vdqezOXdxiditTK15-rmIxtQEGypeYYMuypCWNEiL6LklblJULRW2kBb1qCQCWkobrRIzwEZKQ9XqmHzU9M&sig=Cg0ArKJSzLb6LQChd0-PEAE&urlfix=1&adurl=
Frame ID: E2A56DF5D03CA0255FB3961DB990BD84
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1623373606425-943677653332-008752-015-002268&biddername=22&key=ae3f85be-b283-4692-abaa-85d5146e7dc5
Frame ID: 3AF017C2AEDDF233B6BCA57FE7B9BE9F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 680374B8224625659E02F24C1DD929E6
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1623373606425-943677653332-008752-015-002268&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 54BC8386230370BD2273AA364B2B114A
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: 381568196522F8CB3CE18E77FCB551A5
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: 7D5428ADA72D83DFC3541FCBB8B09A26
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: DC88E2DB0EA74C5C83E386FCDFBA331C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D1%26key%3D
Frame ID: 24297CCD2DD05BB0798DBD2D310F2FB9
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D200%26key%3D%5BRX_UUID%5D
Frame ID: 1C18C868E1EFC3ABB50889A72538A9D4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Frame ID: 9C40CFA54CC49E0BD7A91A7E05DAFCF5
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Frame ID: 775A661F7EE1FED09B104CBD49FBD053
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 4EF4885F7C3803C03B6AC74B1094AF39
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED2F1D6725D27532A01D1FBBE1DA2FB2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 16BB5E998E067F7B88CCB2076A13BD70
Requests: 2 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=37f97838-3f30-434f-95bc-cfccb3fc42e3&pblob=
Frame ID: CFCA8A6D8F61C3F6A92C811A4FC237E4
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0C25C5D3DDC2EFC6B28DCB1AC8A2FD6B
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5CC729F238C81991FCCFBDDD619B8474
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html
Frame ID: E8EDBCB4111746098378E3E1AE993DAC
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html
Frame ID: 95273DD986E2E4E7AF62C4565A21155B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6AE912B4582A9BE6D3DCCF6F396F6536
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8CC1394DC00857EBAE0585FC4B458FF4
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FD457CFF6946097D78794D56EC4CF43F
Requests: 1 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: B50F4312363F0CCEBE89231BA2A871D5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FC8DBEC2D48BB016374489A53A099727
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0968AC10F196947684EB737A319EA324
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 74864BDC481082ED8C54D44FABF4DF1E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF2L5bqG48CIa7L5UE6bx3AdC_lyTaPaLG3-YYZeP2zqoj_Rr3mPqLeW-Byk-M19q2ZDtmOqsuEtbOed0d_vBiRqc4t1sj2rMdYhIJp5ablwPFTczPDHHZxsU-Hp5IOMFyEfbGyLaE3dK6AP7N4Lo45Auet5eDeF2at4ZEjZYqC5PUKbkhhMO81vvph5TQvZVpLFOAel_iJrpOfQqGu4J-S-zBHMstIww_01oNgvYod9vjHsSvJvl8hD7hIWJXwgg3QVaixL2QfHjAwvw0iiou0pWiY2JMAKo8j9Ei6ZhiG987FNRow6G1bWPhdxZk2qwHnAnuyxTs8Nx_ZGBvjtlBOSj1ieotCkSYLF8z2A&sig=Cg0ArKJSzIN0o_frp2BXEAE&urlfix=1&adurl=
Frame ID: 05EA263877FABC9B063F52FB97B8FC38
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 1E6E506329FAD9FCAE22F64762A2E17F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F3CAE2ABE2594CA6C6B8270A7E3B37A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7BE575B3CE4C67C9AFC6CB4A6867BF37
Requests: 5 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: F854EEB8806545904CFA115EF8EA536D
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6292D9ED8E7684BC927512F61C11F04D
Requests: 3 HTTP requests in this frame

Frame: https://ads.adpone.com/index.html
Frame ID: FAB1D4E7A66E7578E043769515F9DC94
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 06CDF2A6E5564EF385176260CE666983
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html
Frame ID: E6367435B9EC002CE019E6A7726F765B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6785A461ED41FC9529BAB02BC4FC3264
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: E054C185BF48EC65E5438C79FD4AA7FA
Requests: 4 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: AED80D0AF5527512BE12EDB483A7A0DC
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 08926A7DEC79A8549B87C9A3D4C19BDF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 990E476B308FCCEC623CB9A8B8CB8540
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 60F78661907E8094D0E9417A5AEBF1E1
Requests: 14 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
Frame ID: 7548AF75F9FB16EFF20814ED7AAFA833
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: A6039DD0C66A4335541AC98D398DCA75
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 7E60C17DC489DE92DA34BFCB3720244B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
Frame ID: FA284305A079F1AA0B6DF494205A095D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972336564145092756
Frame ID: C1C52D1AD7E34D4E57822319EEEC48D6
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 0148ED8A8184E9C517660C62CA5CDE4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-69028778-2a49-4435-bd15-78f839ab6793-003
Frame ID: F2AE9C12B5F125A1084C030FC4424297
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 6C5A133BCC211C7C701982E3C18BB6C9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1MOwp2Jql8R6il4HDSqfW9Mi
Frame ID: 01F88FEA724AF559E9A84EAF884E4AF3
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 9630179B0C3F7948BB290314BA783FD4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F83ADAD5E6F986CC2BB9718A02F36416
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0623ED0DBB724BFE3FA5532143AE8AFA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=9SGwjwss4jF1&pid=557219
Frame ID: 153191F0A92BEC9C27324E687A31957F
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22f8c018-1642-4602-b5d2-07d55df2c297-tuct7bc3caa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: FC16C27E530193B59FA43FAA6FD7376C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: B7DFFB71AC570CEF3A929EA50617A788
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 6DA1A275B1C7B559B37E52EBE6971C2F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:P4eGaIiY1LRvDk5&gdpr=0&gdpr_consent=
Frame ID: 26A4F581F0DCB824E57DA8233EB33F13
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xGFt7sqtSnFGL-NrA_vURLmcrgQ
Frame ID: B2D3D8FEFFD915622DF59646A4B4B590
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BD38D4AAA0A148DFA4EB53701FA1929D
Frame ID: 0AB63D1DA224C78AA4034823333C92B0
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 9459308BE9F600A7AD4EED56FC5DD0E3
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: CD2E33BAA2B35EA43CAA6D89C28321B7
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 7EFD441C0C88F362A09DB456022B4650
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7365be475a47309e%26uid%3D
Frame ID: B505DA3D500719BCABAD7FC624B5EF74
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F8F1032BD5611BDA3089A06575B6FECB
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=7365be475a47309e&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
Frame ID: E7A09ED834D412BE8B9E216F054C3658
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Frame ID: A772702FAFBCA6C847CD540A87F2B2B4
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&cmp=0
Frame ID: 604618DCAD0D28F80797E7BCAF7C0D44
Requests: 30 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: C5CA12891B7A57126663F26F86FABA47
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 88EE69964A03511CAABC1F392489D4A6
Requests: 9 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AE1rmmt7QUleGmgB
Frame ID: B933B45BB4AB89E1D74D6FA4A189D278
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 75F2D4BF86583F92654D8B39D1C3E6DF
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 80105310D8E3D03925F5CCD6EBAC4040
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 688F808D890056344FDAA2DD054F2329
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: D698C2FCF3E776EF2606E4C10986BD68
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3B73C33D3CCD46AA9DE45FCC982FDB0C
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1623373609504
Frame ID: CC9C5390A2EF001CD6B39F5D58276D2D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4D1AC8EBFB1A4924F521EE70D03B3A25
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0A2AF35A64ECC38318E2FA32A2ECD159
Requests: 7 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A37C84E9B41CD8733B4E0B4E51AFD705
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Frame ID: 6090D446B3E369B68A5E55619C609EAC
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Frame ID: D5EC7CC897BA8DBC972B30B7B22F1968
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://vnexpress.net/ HTTP 301
    https://vnexpress.net/ Page URL
  2. https://vnexpress.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • script /2mdn\.net/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i

Page Statistics

587
Requests

95 %
HTTPS

30 %
IPv6

116
Domains

215
Subdomains

135
IPs

16
Countries

8968 kB
Transfer

19118 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vnexpress.net/ HTTP 301
    https://vnexpress.net/ Page URL
  2. https://vnexpress.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vnexpress.net/ HTTP 301
  • https://vnexpress.net/
Request Chain 67
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9300.R5XiRdQH1sOvXPRm3C1AfCcRqTIEUIz1cd5LGyoPTEZ2naJ3gbhApa1Uz7QrJtYv._8UZLfJu5Sb-61HpYiqOLSlHzGE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9300.Zw-VAEoh3c9HwrWngGnrTsEm8UD-pa48DTFxuJ3jYkmcXHoEgLBPK6H3vZcJ4rTx3K8F2w9AWEs-MG1QDTTq4A%2C%2C.DYdgyMTEsqa97nsSXfcRb1dF6Y0%2C
Request Chain 90
  • https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=4a0ac85a-ca51-11eb-b89e-1e875f050506
Request Chain 91
  • https://mc.yandex.com/watch/62978707?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A413%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A193113270421%3Ahid%3A845826001%3Az%3A120%3Ai%3A20210611030644%3Aet%3A1623373604%3Ac%3A1%3Arn%3A787026870%3Au%3A1623373604750058336%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623373603294%3Ads%3A0%2C0%2C357%2C26%2C1%2C0%2C%2C114%2C0%2C%2C%2C%2C476%3Adsn%3A0%2C0%2C358%2C26%2C0%2C0%2C%2C90%2C1%2C%2C%2C%2C475%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623373605%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t HTTP 302
  • https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A413%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A193113270421%3Ahid%3A845826001%3Az%3A120%3Ai%3A20210611030644%3Aet%3A1623373604%3Ac%3A1%3Arn%3A787026870%3Au%3A1623373604750058336%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623373603294%3Ads%3A0%2C0%2C357%2C26%2C1%2C0%2C%2C114%2C0%2C%2C%2C%2C476%3Adsn%3A0%2C0%2C358%2C26%2C0%2C0%2C%2C90%2C1%2C%2C%2C%2C475%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623373605%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t
Request Chain 239
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1623373606425-943677653332-008752-015-002268&biddername=22&key=ae3f85be-b283-4692-abaa-85d5146e7dc5
Request Chain 253
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDNlOWIxNzM3MDAzNDI0ZmU0ZGJjYjBlNTY1Mw==&gdpr=0&gdpr_consent=
Request Chain 255
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1c214a7d18d3d5727461d1e2c7fc8f2&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 344
  • https://eu-ads.adpone.com/ HTTP 301
  • https://ads.adpone.com/index.html
Request Chain 345
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1
Request Chain 363
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8e0160c2-b727-4200-9f59-63eef7ed5593
Request Chain 364
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=slcNFOZQXB6pUA8VtlFDH7RVV0WpBVZC4lEshr7T
Request Chain 365
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5386584769435822460
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqJJpY-8XgSHntnaXO2Msg&google_cver=1
Request Chain 372
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=fe7fdaf4-fc77-4281-8fe2-0a4926dc9fb3
Request Chain 373
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8957257764456227477
Request Chain 374
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=b176b99e3a530a6d
Request Chain 401
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7r3V8euyQy2q_eX6RZ0zmA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 404
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e0160c2-b727-4200-9f59-63eef7ed5593
Request Chain 405
  • https://pixel.onaudience.com/?partner=214&mapped=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5fcf193cb05933b0b37be3d61ca814ec HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=2febde62-1eb8-42a9-b25a-c98646bb342b&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ac4be97f0b5f0c0f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8b06ff42-ca54-4bc4-64b3-85e78e14f918&zcluid=ac4be97f0b5f0c0f&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGk_GshLyPagvkU1ywEOpSk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8b06ff42-ca54-4bc4-64b3-85e78e14f918&zcluid=ac4be97f0b5f0c0f&zdid=1332
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUVCREQ1RjEtRUJCMi00MzJELUFBRkQtRTVGQTQ1OUQzMzk4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 407
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMJ1DwtBaJSATL5KWfutxx8&google_cver=1
Request Chain 409
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8e0160c2-b727-4200-9f59-63eef7ed5593&gdpr=0&gdpr_consent=
Request Chain 410
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5386584769435822460
Request Chain 411
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2febde62-1eb8-42a9-b25a-c98646bb342b
Request Chain 412
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8957257764456227477&gdpr=0&gdpr_consent=
Request Chain 423
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972336564145092756
Request Chain 424
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERUpVN0JoVzRBQURMODUwSFlyZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 425
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6865043306 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/2febde62-1eb8-42a9-b25a-c98646bb342b HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-69028778-2a49-4435-bd15-78f839ab6793-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-69028778-2a49-4435-bd15-78f839ab6793-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-69028778-2a49-4435-bd15-78f839ab6793-003
Request Chain 426
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 427
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1MOwp2Jql8R6il4HDSqfW9Mi
Request Chain 430
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 431
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=9SGwjwss4jF1&pid=557219
Request Chain 432
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22f8c018-1642-4602-b5d2-07d55df2c297-tuct7bc3caa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 434
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 435
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:P4eGaIiY1LRvDk5&gdpr=0&gdpr_consent=
Request Chain 436
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xGFt7sqtSnFGL-NrA_vURLmcrgQ
Request Chain 437
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BD38D4AAA0A148DFA4EB53701FA1929D
Request Chain 439
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=&fbounce=1
Request Chain 440
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 442
  • https://loadm.exelator.com/load/?p=204&g=71&buid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 443
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-psJIDmVE2uVLs5lJmbF7bDBvME4hvIM-~A&gdpr=0&gdpr_consent=
Request Chain 444
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4
Request Chain 445
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=11dedd98-6cd3-4cd4-9b3b-97ec7c281083 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=11dedd98-6cd3-4cd4-9b3b-97ec7c281083 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=210c6684-e3c7-4cb2-9fad-9d26aa53bd50&user_group=1&ssp=pubmatic&bsw_param=11dedd98-6cd3-4cd4-9b3b-97ec7c281083 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=11dedd98-6cd3-4cd4-9b3b-97ec7c281083&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 446
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YMK3KwABoefR0QAC HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMK3KwABoefR0QAC&gdpr=0&gdpr_consent=&_test=YMK3KwABoefR0QAC
Request Chain 447
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2878901784113009453&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 449
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2a6c92ca-5c97-4d2c-99ea-7e664810d72e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 450
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 451
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8957257764456227477
Request Chain 452
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_25b9ed0a-55b9-400d-802a-90a3218de5fe
Request Chain 453
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4decd3a0-ca51-11eb-9ce3-4da383785529&gdpr=0&gdpr_consent=
Request Chain 456
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=zh9H8AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcvYWEB HTTP 302
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=8957257764456227477&mpk=zh9H8AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcvYWEB HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=8957257764456227477
Request Chain 459
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Request Chain 461
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398 HTTP 302
  • https://a.audrte.com/p
Request Chain 462
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7365be475a47309e HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=7365be475a47309e
Request Chain 463
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-69028778-2a49-4435-bd15-78f839ab6793-003&rndcb=8946962466 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=11dedd98-6cd3-4cd4-9b3b-97ec7c281083&google_hm=MTFkZWRkOTgtNmNkMy00Y2Q0LTliM2ItOTdlYzdjMjgxMDgz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEF3dkDchZdbVT4x7eWoiook&google_cver=1&ssp=adconductor&bsw_param=11dedd98-6cd3-4cd4-9b3b-97ec7c281083 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/11dedd98-6cd3-4cd4-9b3b-97ec7c281083?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-69028778-2a49-4435-bd15-78f839ab6793-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-69028778-2a49-4435-bd15-78f839ab6793-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-69028778-2a49-4435-bd15-78f839ab6793-003&dc=1079cc634ca638f8&iss=1
Request Chain 467
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D7365be475a47309e%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=7365be475a47309e&uid=fe7fdaf4-fc77-4281-8fe2-0a4926dc9fb3
Request Chain 471
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D7365be475a47309e HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 472
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7365be475a47309e%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7365be475a47309e&uid=8957257764456227477
Request Chain 474
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-rC4nEuhE2uEEN_UlrTCJBX7ZI0GZNhG5rDjGcaw-~A
Request Chain 475
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D7365be475a47309e%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=7365be475a47309e&uid=227f1703c8b198928d58cfde8da36d2871834372
Request Chain 476
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D7365be475a47309e HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=7365be475a47309e&uid=0200000010B7C2601016C07002938B90
Request Chain 478
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 482
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Request Chain 486
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a2f10117-620c-429f-a74d-d33fdb6d3367&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Request Chain 488
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2febde62-1eb8-42a9-b25a-c98646bb342b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Request Chain 492
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2bfb1813-897d-48ae-ab62-a9a5eafdb82c&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 493
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=4ab9a3ff-66ef-460d-762a-77376ac758b7&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=4ab9a3ff-66ef-460d-762a-77376ac758b7&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=39371294283092625150768557121653947663&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Request Chain 495
  • https://bn01.er.bemail.it/zeotap.php?_bid=4ab9a3ff-66ef-460d-762a-77376ac758b7&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061103-54195-0.049239001623373614-e0df979f7e4d397dee1087e8affe099e&zdid=533&env=mWeb
Request Chain 496
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6972336564145092756&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Request Chain 498
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4ab9a3ff-66ef-460d-762a-77376ac758b7&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4ab9a3ff-66ef-460d-762a-77376ac758b7&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361&bounce=1&random=2238606648 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=EG0XpwRSXomal0PeXqElSe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Request Chain 500
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=4ab9a3ff-66ef-460d-762a-77376ac758b7?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=5fcf193cb05933b0b37be3d61ca814ec&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Request Chain 501
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-cgfKE_ZE2oqrUP.oUV9ppJqGNHHjhjSoKA--~A&zpartnerid=570&env=mWeb
Request Chain 502
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ef4PknNLWJCWb3hPpRyJ2ba5pk62UZFF%2BS41iYitP1U%3D
Request Chain 506
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361&_test=YMK3KwABeL8RBgBg HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMK3KwABeL8RBgBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&_test=YMK3KwABeL8RBgBg
Request Chain 507
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=8e0160c2-b727-4200-9f59-63eef7ed5593&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Request Chain 508
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Request Chain 509
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ab9a3ff-66ef-460d-762a-77376ac758b7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ab9a3ff-66ef-460d-762a-77376ac758b7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&dcc=t
Request Chain 510
  • https://tags.bluekai.com/site/87734?id=4ab9a3ff-66ef-460d-762a-77376ac758b7&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 517
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AE1rmmt7QUleGmgB
Request Chain 520
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8957257764456227477
Request Chain 521
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8957257764456227477
Request Chain 522
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8957257764456227477
Request Chain 523
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rC4nEuhE2uEEN_UlrTCJBX7ZI0GZNhG5rDjGcaw-~A
Request Chain 525
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=8e6698b5-305d-51a2-9f24-424affe6f578
Request Chain 526
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=227f1703c8b198928d58cfde8da36d2871834372
Request Chain 528
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 538
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2878901784113009453&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 539
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=GPffB-xuyEYCGobrdJ5nhA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 541
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=P4eGaIiY1LRvDk5
Request Chain 542
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
Request Chain 543
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADEJU7BhW4AADL850HYrg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 548
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMK3LI4f45Hfps5IucTAWwAABHMAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJkxKjcIBexJXRmrgrxs3M8&google_cver=1
Request Chain 550
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMK3LI4f45Hfps5IucTAWwAABHMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMK3LI4f45Hfps5IucTAWwAABHMAAAIB&dcc=t
Request Chain 551
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMK3LI4f45Hfps5IucTAWwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIFL9yEmcloW2HoFKOhl0Q8&google_cver=1&gdpr=1
Request Chain 554
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=hlmN8dJe3PudXo_wgl_D-oBb16CdC9an1l_X9rKZ
Request Chain 555
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623460013&gdpr=1
Request Chain 558
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8e0160c2-b727-4200-9f59-63eef7ed5593&gdpr=1&gdpr_consent=
Request Chain 561
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2878901784113009453
Request Chain 562
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=P4eGaIiY1LRvDk5&gdpr=1
Request Chain 563
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06562204004c2ca391f4b181&expiration=[EXPIRATION]&gdpr=1
Request Chain 580
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5fcf193cb05933b0b37be3d61ca814ec&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=5fcf193cb05933b0b37be3d61ca814ec&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=56268590373764666021564210384092450508 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=56268590373764666021564210384092450508
Request Chain 581
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM&google_tc=
Request Chain 584
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=025a60c2-b732-4f00-8d33-39827f723ec9 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=025a60c2-b732-4f00-8d33-39827f723ec9&ct=y
Request Chain 585
  • https://id5-sync.com/s/19/9.gif?puid=5fcf193cb05933b0b37be3d61ca814ec&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=5fcf193cb05933b0b37be3d61ca814ec&gdpr=1&gdpr_consent= HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOfSdc2TZhiq9MosKO-oOw_J1I-yJnKpwJMqWctg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/8/2.gif?puid=2913728097660396619&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=4ddcd062652e29595f574e9d9f7d580a&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOfSdc2TZhiq9MosKO-oOw_J1I-yJnKpwJMqWctg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM&google_redir={xENCODEDURL}&id5id=ID5-ZHMOfSdc2TZhiq9MosKO-oOw_J1I-yJnKpwJMqWctg
Request Chain 588
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=&google_gid=CAESEOO4nYTboUSvDj6AGUTbvjI&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 589
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1183718136248669296 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=

587 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
vnexpress.net/
Redirect Chain
  • http://vnexpress.net/
  • https://vnexpress.net/
181 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
677whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
vnexpress.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
device_env=4; Expires=Fri, 11 Jun 2021 09:06:43; Domain=.vnexpress.net; Path=/
v-cache
VNE4
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag
W/"b2525189b331004cca5d77df28844bc0"
server
677whgldd10bf7c7468e873e79ba2ad139
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip

Redirect headers

Date
Fri, 11 Jun 2021 01:06:42 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Keep-Alive
timeout=60
Location
https://vnexpress.net/
Server
877whgldd10bf7c7468e873e79ba2ad139
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
eclick.js
s.eclick.vn/delivery/ 		0
0
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"899 / 910 of 1000 / last-modified: 1623363054"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21349
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:43 GMT
dfpbrand.js
s.eclick.vn/delivery/dfp/ 		0
0
prebid.js
s.eclick.vn/delivery/dfp/ 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		0
0
ov_pc_vne_home_home.js
s.eclick.vn/delivery/dfp/ 		0
0
1000000.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/blocks/site/ 		0
0
gtm.js
www.googletagmanager.com/ 		0
0
analytics.js
www.google-analytics.com/ 		0
0
Primary Request /
vnexpress.net/ 		181 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
677whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
722421dd28b15ea3fa535b59e3be42d770357b16758b77e0c883a485ca2fc29e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
vnexpress.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
device_env=4; sw_version=1; _efr=1623373560000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
v-cache
VNE4
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag
W/"b2525189b331004cca5d77df28844bc0"
server
677whgldd10bf7c7468e873e79ba2ad139
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
perf
logperf.vnexpress.net/ 		0
0
eclick.js
s.eclick.vn/delivery/ 		537 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/eclick.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_34 /
Resource Hash
59989085c1a3b8a2f0dde501b5226f26af844f4dbf7b5596790aa10db5fafa80

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
last-modified
Wed, 09 Jun 2021 02:04:38 GMT
server
FPT-static_eclick_141_34
etag
W/"60c021b6-219"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=0, static_eclick_141_34,no-cache
expires
Fri, 11 Jun 2021 01:06:43 GMT
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
177ebb35a735e9e11c5eb72933843b73e5625ef2dadf80f1a32fefd0817f00d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"899 / 621 of 1000 / last-modified: 1623363152"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21316
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:43 GMT
dfpbrand.js
s.eclick.vn/delivery/dfp/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/dfp/dfpbrand.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_34 /
Resource Hash
50f279761c523938ab4343556f143bb1ac4bd3874aa2c4e95b6d3b4ae5f5fab6

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 03:42:25 GMT
server
FPT-static_eclick_141_34
etag
W/"60b84fa1-115c9"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Fri, 11 Jun 2021 02:06:43 GMT
prebid.js
s.eclick.vn/delivery/dfp/ 		291 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/dfp/prebid.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_34 /
Resource Hash
4b9567f947e6f537c8c6858b78d5f31598d63aeb8e9013709494ce3a22fca803

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 03:58:02 GMT
server
FPT-static_eclick_141_34
etag
W/"6046f24a-48d9c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Fri, 11 Jun 2021 02:06:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
93845c8e01fbf1e9111c164cd508bff9480567310557e22686d876037ce82c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"899 / 598 of 1000 / last-modified: 1623363152"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21350
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:43 GMT
ov_pc_vne_home_home.js
s.eclick.vn/delivery/dfp/ 		106 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_34 /
Resource Hash
1099887444e81ab189fd60a517f0142587416f66f3052324c7a49099601706a0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 05:21:47 GMT
server
FPT-static_eclick_141_34
etag
W/"60befe6b-1a822"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Fri, 11 Jun 2021 02:06:43 GMT
1000000.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/blocks/site/ 		154 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/blocks/site/1000000.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
95346e98c3799b0a4dcbd652c9cbeac6b95ac0c6f065134bfe81a81497ccdf44

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Wed, 09 Jun 2021 15:05:07 GMT
etag
W/"60c0d8a3-2685b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
gtm.js
www.googletagmanager.com/ 		312 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a454bcc9437ff9876a65a7b2a8d26d2f02eb845e1ac2800b6fa5bc64f0ff39f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53866
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 01:06:43 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3962
date
Fri, 11 Jun 2021 00:00:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 11 Jun 2021 02:00:41 GMT
perf
logperf.vnexpress.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1623373560000&timecookie=1623373560000&timeclient=1623391603000&action=no_reload
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.129.21 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
avmLibrary.js
storage.googleapis.com/adasia-ad-network-origin/atm/library/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
434762a76dfd6af3bdeeb1f2de8dad923633467deb93e7c15ac71cd87e5b99df

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:21 GMT
content-encoding
age
22
x-guploader-uploadid
ABg5-UwxUTmZO3VuDXUGSM7g7pNWp95xqOs0JgVi-xdGtaQgw3mXbHZtaAgjxyNxA3XecqLBPKDTiPzgZHkQ0zGPS_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
1
x-goog-stored-content-encoding
content-disposition
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16656
x-goog-meta-
last-modified
Tue, 11 Aug 2020 07:31:10 GMT
server
UploadServer
etag
"9dfc4ebc8c94abdb09c9fb98143eff5e"
x-goog-hash
crc32c=61K1/A==, md5=nfxOvIyUq9sJyfuYFD7/Xg==
content-language
x-goog-generation
1597131070573686
cache-control
public, max-age=60
x-goog-stored-content-length
16656
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 11 Jun 2021 01:07:21 GMT
general-file.css
s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/ 		117 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/general-file.css
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
da08e3c9ffa013580c65b3b8da2f39f3f866a96408b3df35e7d343d149899847

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 04:52:12 GMT
etag
W/"60af257c-1d4d4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
vod.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/ 		1 KB
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/vod.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:32 GMT
etag
W/"60934550-446"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
logo.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/logo.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
last-modified
Thu, 06 May 2021 01:23:20 GMT
etag
"60934508-13b6"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5046
expires
Sun, 12 Jun 2022 01:06:44 GMT
banner_tiepsuc_tamdich_home_pc.jpg
s1.vnecdn.net/vnexpress/restruct/i/v391/banner/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/i/v391/banner/banner_tiepsuc_tamdich_home_pc.jpg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
0c84cf92322d1cced22a12ae95bb96fb0758c950f9fde7476934ec5915787005

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
last-modified
Sat, 08 May 2021 07:41:49 GMT
etag
"609640bd-12419"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
74777
expires
Sun, 12 Jun 2022 01:06:44 GMT
icon-vne.svg
s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/images/graphics/ 		57 KB
57 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/images/graphics/icon-vne.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
last-modified
Thu, 06 May 2021 01:23:00 GMT
etag
"609344f4-e3ec"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
58348
expires
Sun, 12 Jun 2022 01:06:44 GMT
category.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/config/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/config/category.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
dd9d86263e6d1919435eb92f4d26e08fc4a71fa01cb1b8210f06e8697bbaf0da

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 07:22:31 GMT
etag
W/"60c1bdb7-b7d0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
fonts.css
s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/webfonts/ 		971 B
521 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/webfonts/fonts.css
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
d54b99754769e4c871583c276d4fae52d6fe493fa188ac09027a9deec6c46c7c

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:23:00 GMT
etag
W/"609344f4-3cb"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
SettopQuocHoi01-1623328060-6104-1623334203.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/10/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2021/06/10/SettopQuocHoi01-1623328060-6104-1623334203.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=e9x6QrZwvskIK3XF0niMCw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9ec1653dde6d914ae835ee438a1b98eff4dbdac3417c47d55fbb6eed630ef2a7

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:43 GMT
last-modified
Thu, 10 Jun 2021 14:10:11 GMT
server
keycdn-engine
link
<http://i1-vnexpress.vnecdn.net/2021/06/10/SettopQuocHoi01-1623328060-6104-1623334203.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=e9x6QrZwvskIK3XF0niMCw>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
124064
expires
Sat, 11 Jun 2022 06:55:43 GMT
TranVanPhucpng-1490927036.png
vcdn1-vnexpress.vnecdn.net/2017/03/31/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2017/03/31/TranVanPhucpng-1490927036.png?w=100&h=100&q=100&dpr=1&fit=crop&s=bSd7XIwISyPCOEQsLmZazA
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5869b042f014f2d4e765b8b4b0814979a2d9677614df1336782ab54aa962bd43

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:43 GMT
last-modified
Wed, 09 Jun 2021 23:31:37 GMT
server
keycdn-engine
link
<http://i1-vnexpress.vnecdn.net/2017/03/31/TranVanPhucpng-1490927036.png?w=100&h=100&q=100&dpr=1&fit=crop&s=bSd7XIwISyPCOEQsLmZazA>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
8252
expires
Sat, 11 Jun 2022 06:55:43 GMT
IMG5425JPG-1623116895-1726-1623123872.jpg
vcdn1-suckhoe.vnecdn.net/2021/06/08/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-suckhoe.vnecdn.net/2021/06/08/IMG5425JPG-1623116895-1726-1623123872.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=0-fvpt1SuU1l3jVAMnZNbQ
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2d6cd0b1b71fe98fadc892f373ca3bb5b944af92b88c217c77eef230dff533c5

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:43 GMT
last-modified
Thu, 10 Jun 2021 22:00:45 GMT
server
keycdn-engine
link
<http://i1-suckhoe.vnecdn.net/2021/06/08/IMG5425JPG-1623116895-1726-1623123872.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=0-fvpt1SuU1l3jVAMnZNbQ>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
22348
expires
Sat, 11 Jun 2022 06:55:43 GMT
pubads_impl_2021060701.js
securepubads.g.doubleclick.net/gpt/ 		318 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
094c1111eeb737673d376e2598c9abfad2c1dadeab91522940bbf5d2ff512a72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Jun 2021 08:45:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114129
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:43 GMT
lazyload.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/lazyload.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:31 GMT
etag
W/"6093454f-27d4"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
home.defer.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/modules/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/modules/home.defer.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
6419c8923bcd1a5e445edcbc8b321f47851f1df786aae1b8a337d75d47c79702

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 04:51:15 GMT
etag
W/"60b85fc3-8c43"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
js
www.googletagmanager.com/gtag/ 		120 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fae447a5d17a18f722a82ed5bb897ef1b03b86b343284df2b163df49aa171140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46913
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:43 GMT
js
www.googletagmanager.com/gtag/ 		120 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
feb017b733b79119e3e7cd79f4bba02ee5eed276736eeb7ef37bf77af899e8c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46980
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:43 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-50285069-28&cid=29963317.1623373604&jid=1535191771&gjid=1912938012&_gid=248531340.1623373604&_u=aGDAgEABAAAAAE~&z=637245465
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 11 Jun 2021 01:06:43 GMT
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-P5FWR6V&t=gtm9&cid=29963317.1623373604
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8780b1a6e2364266ca186c7cbf8bdaad698cfebb84d63f8d19d5de3744b442cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35591
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 01:06:43 GMT
ea3.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
2158f6295fd6de1f85e8230b955e5707d717af210d28722ba3f194e9a07f5b12

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Wed, 14 Apr 2021 07:38:01 GMT
server
keycdn-engine
etag
W/"60769bd9-8e99"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js>; rel="canonical"
expires
Sat, 11 Jun 2022 06:55:43 GMT
tag.js
mc.yandex.ru/metrika/ 		218 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
c6754c3241a18169afee078352f5e11c9c8eec97b9e2fb173f541ce2d07dd210
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 09:54:37 GMT
etag
"60bf3bc8-114ef"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70895
expires
Fri, 11 Jun 2021 02:06:43 GMT
cdp.js
octopus-stream01-cads.fpt.vn/ 		128 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/cdp.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
b476050bd16f18678b3061ad5e0a1181fce5592005cd9f2e632f97bf677de83a

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:44 GMT
Last-Modified
Wed, 19 May 2021 07:24:28 GMT
Server
nginx
ETag
"60a4bd2c-20170"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
131440
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1810308553&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAB~&jid=1535191771&gjid=1912938012&cid=29963317.1623373604&tid=UA-50285069-28&_gid=248531340.1623373604&gtm=2wg690N3FNJF&cg1=Home&cg4=Home&cd1=1000000&cd8=Home&cd17=No&cd19=Web&cd22=1&cd24=0&cd27=Home&cd37=&cd55=29963317.1623373604&z=1498198225
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17010
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
api.ipify.org/ 		45 B
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=jsonp&callback=adAsiaTM.writeIpData
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.226.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-226-23.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
041364c2eaa14402c5d37ff2827d22d05ed11152dab24801e8cdff2a0588a3c7

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:44 GMT
Via
1.1 vegur
Server
Cowboy
Connection
keep-alive
Content-Length
45
Vary
Origin
Content-Type
application/javascript
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 14:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jun 2022 14:20:02 GMT
smart.js
ced.sascdn.com/tag/2060/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/2060/smart.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f4a1f2dfe79b751c36aca5e01379145e3842614d4363b6384267f0b514abd133

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:44 GMT
Content-Encoding
gzip
Cache-Control
public, max-age=165
Content-Length
12553
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
atmSticky.js
storage.googleapis.com/adasia-ad-network-origin/atm/library/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/adasia-ad-network-origin/atm/library/atmSticky.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
57b34107b8f7999e55b91489c92d84cb8b966dc48efaf173ea6e3333b39ef1c9

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:36:28 GMT
age
1815
x-guploader-uploadid
ABg5-UyBejgkSNj76MM_DFsWhDZvStc--PrtyEg9GUs9YrkudSJS3bBWJsbHrDm5_XRbdVVRSQKGx1311rhGEv9IpWs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
last-modified
Fri, 24 Aug 2018 08:30:39 GMT
server
UploadServer
etag
"0f158b74b82b73279189624ff4bee981"
x-goog-hash
crc32c=HUYPNw==, md5=DxWLdLgrcyeRiWJP9L7pgQ==
x-goog-generation
1535099439593447
cache-control
public, max-age=31536000
x-goog-stored-content-length
6232
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 11 Jun 2022 00:36:28 GMT
domain.js
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/adasia-ad-network-origin/atm/config/domain.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
693fbd0ab5fc53069137459b79a060d087dc2a1ce0c5e13277297799a38ce621

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:05:45 GMT
age
58
x-guploader-uploadid
ABg5-UwcG0K0ZAE37QwuxajET6pJHlEpSalB7-DCnCzzTF6jg-5lcCRiSLBFtpKIa8qeJNOUJcS3iXGFNokhOYOgP-w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11525
last-modified
Tue, 27 Oct 2020 09:28:39 GMT
server
UploadServer
etag
"9ea740f3ffa53339fa0a55540ed53fd8"
x-goog-hash
crc32c=IZZ5fQ==, md5=nqdA8/+lMzn6ClVUDtU/2A==
x-goog-generation
1603790919481748
cache-control
public, max-age=3600
x-goog-stored-content-length
11525
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 11 Jun 2021 02:05:45 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-50285069-28&cid=29963317.1623373604&jid=1535191771&_u=aGDAgEABAAAAAE~&z=903411396
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-50285069-28&cid=29963317.1623373604&jid=1535191771&_u=aGDAgEABAAAAAE~&z=903411396
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-DQJ7NF9DN2&gtm=2oe690&_p=1810308553&sr=1600x1200&_gaz=1&ul=en-us&cid=29963317.1623373604&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1623373603&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQJ7NF9DN2&cid=29963317.1623373604&gtm=2oe690&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-57577CKS2C&gtm=2oe690&_p=1810308553&sr=1600x1200&_gaz=1&ul=en-us&cid=29963317.1623373604&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1623373603&sct=1&seg=0&en=page_view&_fv=2&_ss=1&_c=1&ep.vn_segment=%7Bvn_segment%7D%7D&up.page_category=Home&up.page_category_id=1000000&up.page_subcategory_id=&up.page_type=Home&up.page_platform=Web&up.user_logged_in=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-57577CKS2C&cid=29963317.1623373604&gtm=2oe690&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQJ7NF9DN2&cid=29963317.1623373604&gtm=2oe690&aip=1&z=1626447522
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57577CKS2C&cid=29963317.1623373604&gtm=2oe690&aip=1&z=33417734
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bad.js
s.eclick.vn/ 		17 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/bad.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_34 /
Resource Hash
ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Sun, 09 Aug 2020 14:01:42 GMT
server
FPT-static_eclick_141_34
etag
W/"5f3001c6-11"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
expires
Sat, 12 Jun 2021 01:06:44 GMT
syncuser
adp.vnecdn.net/ 		110 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adp.vnecdn.net/syncuser?fosp_aid=fxuh9ku3npevl2ct.1623373603.des&orig_aid=fxuh9ku3npevl2ct.1623373603.des&myvne_user_id=0
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9f04075a8f74c386680f9f68ddfa07f4d237f2d12453e5b438adefaac9f8d1fd

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 11 Jun 2021 08:06:44 GMT
Server
nginx/1.12.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vnexpress.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
get
la.vnecdn.net/ 		288 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://la.vnecdn.net/get?action_name=vnexpress.net%2FVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&idsite=6&rec=1&r=211806&h=3&m=6&s=43&url=https%3A%2F%2Fvnexpress.net%2F&urlref=https%3A%2F%2Fvnexpress.net%2F&_id=59a6c7c47f4be08b&_idts=1623373604&_idvc=1&_idn=1&_refts=0&_viewts=1623373604&cvar=%7B%222%22%3A%5B%22tt_category_id%22%2C%221000000%22%5D%2C%223%22%3A%5B%22tt_article_id%22%2C%221000000%22%5D%2C%226%22%3A%5B%22keyword%22%2C%22VnExpress%2C%20tin%20t%E1%BB%A9c%2C%20tin%20the%20gioi%2C%20tin%20nhanh%2C%20tin%20tuc%20viet%20nam%2C%20doc%20bao%20VnExpress%20tin%20t%E1%BB%A9c%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20-%20Th%C3%B4ng%20tin%20nhanh%20%26%20ch%C3%ADnh%20x%C3%A1c%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%ADp%20nh%E1%BA%ADt%20h%C3%A0ng%20gi%E1%BB%9D.%20%C4%90%E1%BB%8Dc%20b%C3%A1o%20tin%20t%E1%BB%A9c%20online%20Vi%E1%BB%87t%20Nam%20%26%20Th%E1%BA%BF%20gi%E1%BB%9Bi%20n%C3%B3ng%20%22%5D%7D&cookie=1&res=1600x1200&_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22fxuh9ku3npevl2ct.1623373603.des%22%5D%7D&gt_ms=383&fosp_id=fxuh9ku3npevl2ct.1623373603.des
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.141.233 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
/
Resource Hash
2da11667e58e95ebe2ae796b3dadd0a6f9f7e396f2c0cdad994943b05650d7ec

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/javascript
Content-Length
288
P3P
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE IND PHY ONL COM NAV OTC NOI DSP COR IDC'
get
la2.vnecdn.net/ 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://la2.vnecdn.net/get?app_id=100&ss_id=0&pg_id=3269559df5dfedbecfa6ccb2a65d9115&site_id=1000000&page_type=1&idsite=1000000&type=site&fid=1000000&aid=1000000&fosp_aid=fxuh9ku3npevl2ct.1623373603.des&orig_aid=fxuh9ku3npevl2ct.1623373603.des&fosp_country=&fosp_gender=&fosp_ip=&fosp_isp=&fosp_zone=&fosp_location=&adblock=0&myvne_user_id=0&referrer=https%3A%2F%2Fvnexpress.net%2F&url=https%3A%2F%2Fvnexpress.net%2F&publication=&author=&article_type=&wordcount=&list_folder=1000000&vn_source=&vn_medium=&vn_campaign=&vn_term=&vn_content=&utm_source=&utm_medium=&utm_campaign=&utm_term=&utm_content=&index_topic=0&index_format=0&index_type=&r=0.8632564169663992&v=0809&action=pv
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FT /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Jun 2021 01:06:45 GMT
Cache-Control
no-cache
Server
FT
Connection
keep-alive
Expires
Fri, 11 Jun 2021 01:06:44 GMT
vn_block_keywords.js
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 		97 B
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/adasia-ad-network-origin/atm/config/vn_block_keywords.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bbfab80d791a853415a874777184fa442df7d5f61e4da3171bfb5278e16cc6bf

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:08:51 GMT
age
3472
x-guploader-uploadid
ABg5-UxxGcNqaJ2t8wUfT8_wsgXu2OWvEmgl8DZCj64weHibO3tBJz3a_5hE4m_n7y-8vXCGVs4DFQnv292YeQEoJg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97
last-modified
Tue, 20 Aug 2019 03:10:31 GMT
server
UploadServer
etag
"9ab805e8e5990ef2f6e5490772bebde8"
x-goog-hash
crc32c=yqWvcg==, md5=mrgF6OWZDvL25UkHcr696A==
x-goog-generation
1566270631279906
cache-control
public, max-age=3600
x-goog-stored-content-length
97
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 11 Jun 2021 01:08:51 GMT
gtm.js
www.googletagmanager.com/ 		104 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJGNLDW&l=adAsiaDataLayer
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
767c43e9a6452ee93f57eccbe8f847745bd6f3c358418837ce7c81fce59e152a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39435
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 01:06:43 GMT
adasia.js
cdn.hbplatform.com/adasia/tags/2/1121/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hbplatform.com/adasia/tags/2/1121/adasia.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:98f7:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8327b8e8cf877b87688ffc35ac6117b1632c0916e128ee022a8a97a8f53017b1

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:59:00 GMT
content-encoding
gzip
age
464
x-guploader-uploadid
ABg5-UwP7fx2Si2xKbj49axd-oUz0JIUpPhdPmjCx5pO4j1dj_tf7W_LsAOdJJNut8V_nl-arFelyVxlHz0CZ5RSOeU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
15806
last-modified
Wed, 02 Jun 2021 03:51:13 GMT
server
UploadServer
etag
"2cc0fc6e4711fb90a33fd00f5ac57395"
vary
Accept-Encoding
x-goog-hash
crc32c=p/At9g==, md5=LMD8bkcR+5CjP9APWsVzlQ==
x-goog-generation
1622605873646236
cache-control
public, max-age=1800
x-goog-stored-content-length
15806
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
cross-origin-resource-policy
cross-origin
expires
Fri, 11 Jun 2021 01:29:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-169340704-1&cid=29963317.1623373604&jid=1467908023&gjid=727986353&_gid=248531340.1623373604&_u=aGDAgEADQAAAAE~&z=1430851666
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 11 Jun 2021 01:06:43 GMT
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1810308553&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAE~&jid=1467908023&gjid=727986353&cid=29963317.1623373604&tid=UA-169340704-1&_gid=248531340.1623373604&gtm=2wg690N3FNJF&cg1=Home&cg4=Home&cd1=1000000&cd2=Home&cd3=&cd5=Home&cd6=Web&cd55=29963317.1623373604&z=1419056716
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17010
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbyeclick.js
scdn.eclick.vn/delivery/asset/324640834/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.eclick.vn/delivery/asset/324640834/adsbyeclick.js
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/eclick.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3b9cd6acc4156213e43f68d0cadc72e4791e9c605084439207a3cc6de146bd01

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
FOL
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Wed, 09 Jun 2021 02:03:14 GMT
server
keycdn-engine
link
<http://s.eclick.vn/delivery/asset/324640834/adsbyeclick.js>; rel="canonical"
x-edge-location
defr
etag
W/"60c02162-621f"
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-shield
active
expires
Fri, 11 Jun 2021 02:06:44 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9300.R5XiRdQH1sOvXPRm3C1AfCcRqTIEUIz1cd5LGyoPTEZ2naJ3gbhApa1Uz7QrJtYv._8UZLfJu5Sb-61HpYiqOLSlHzGE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9300.Zw-VAEoh3c9HwrWngGnrTsEm8UD-pa48DTFxuJ3jYkmcXHoEgLBPK6H3vZcJ4rTx3K8F2w9AWEs-MG1QDTTq4A%2C%2C.DYdgyMTEsqa97nsSXfcRb1dF6Y0%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9300.Zw-VAEoh3c9HwrWngGnrTsEm8UD-pa48DTFxuJ3jYkmcXHoEgLBPK6H3vZcJ4rTx3K8F2w9AWEs-MG1QDTTq4A%2C%2C.DYdgyMTEsqa97nsSXfcRb1dF6Y0%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9300.Zw-VAEoh3c9HwrWngGnrTsEm8UD-pa48DTFxuJ3jYkmcXHoEgLBPK6H3vZcJ4rTx3K8F2w9AWEs-MG1QDTTq4A%2C%2C.DYdgyMTEsqa97nsSXfcRb1dF6Y0%2C
date
Fri, 11 Jun 2021 01:06:44 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
last-modified
Tue, 08 Jun 2021 09:54:37 GMT
etag
"60bf3bc8-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 11 Jun 2021 02:06:44 GMT
Merriweather-Bold.woff2
s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/fonts/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/fonts/Merriweather-Bold.woff2
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/webfonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506

Request headers

Origin
https://vnexpress.net
Referer
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/webfonts/fonts.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
last-modified
Thu, 06 May 2021 01:23:00 GMT
etag
"609344f4-ed40"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
60736
expires
Sun, 12 Jun 2022 01:06:44 GMT
Merriweather-Regular.woff2
s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/fonts/ 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/fonts/Merriweather-Regular.woff2
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/webfonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae

Request headers

Origin
https://vnexpress.net
Referer
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/webfonts/fonts.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
last-modified
Thu, 06 May 2021 01:23:00 GMT
etag
"609344f4-f2a8"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
62120
expires
Sun, 12 Jun 2022 01:06:44 GMT
hls.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/vod/ 		239 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/vod/hls.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:27 GMT
etag
W/"6093454b-3bc3b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
embed_vod.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/embed_vod.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
a6fd348793c16aaf8ad37966e528325582aad94ffbe93729bc6ab51fe9c639f5

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:27 GMT
etag
W/"6093454b-dcbf"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
video-js.css
s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/vod/ 		75 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/vod/video-js.css
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/vod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:27 GMT
etag
W/"6093454b-12c5c"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
ads.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/vod/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/vod/ads.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:27 GMT
etag
W/"6093454b-7595"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:44 GMT
prebid.js
cdn.fuseplatform.net/adasia/tags/2/1121/ 		249 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/adasia/tags/2/1121/prebid.js
Requested by
Host: cdn.hbplatform.com
URL: https://cdn.hbplatform.com/adasia/tags/2/1121/adasia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:98f7:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
13791f74085348e02137240ad8a3fa0f5b85c92c2b04867b064f2e8bda4733a0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:36:51 GMT
content-encoding
gzip
age
1793
x-guploader-uploadid
ABg5-Uw3V3o-4gdE824VY-Cgp8o3Fz_qRQ4jX6QY3hoMIOBLyr1MNu-V5xLbfH2SkPI1qNuWAaRjXw6DzoMru2w9PA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
79353
last-modified
Wed, 02 Jun 2021 03:51:13 GMT
server
UploadServer
etag
"3a55bf7e0d0dcf5840cafc850adf7d3f"
vary
Accept-Encoding
x-goog-hash
crc32c=4Cx9rw==, md5=OlW/fg0Nz1hAyvyFCt99Pw==
x-goog-generation
1622605873642954
cache-control
public, max-age=1800
x-goog-stored-content-length
79353
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
cross-origin-resource-policy
cross-origin
expires
Fri, 11 Jun 2021 01:06:51 GMT
eclookup.html
g.eclick.vn/delivery/ Frame 2564 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g.eclick.vn/delivery/eclookup.html?fosp_aid=fxuh9ku3npevl2ct.1623373603.des&orig_aid=fxuh9ku3npevl2ct.1623373603.des&myvne_user_id=0
Requested by
Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/asset/324640834/adsbyeclick.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.224 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710

Request headers

Host
g.eclick.vn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vnexpress.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

Server
nginx/1.12.2
Date
Fri, 11 Jun 2021 01:06:45 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
fopt.js
adp.vnecdn.net/ 		139 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adp.vnecdn.net/fopt.js?aid=fxuh9ku3npevl2ct.1623373603.des
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
cb17305d1e2a40e9ad673aa940019676c4a200753ec1b71b50513d6fa73732bd

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 11 Jun 2021 08:06:44 GMT
Server
nginx/1.12.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Expires
Sat, 12 Jun 2021 09:06:44 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16600b031f7e2e59efe4b96a23e07fb4a56b411833e73070c1c8b60bc7116cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2261
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5871
x-xss-protection
0
server
cafe
etag
12272712123306252075
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 11 Jun 2021 01:29:03 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Fri, 11 Jun 2021 01:06:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
arj
ureka-d.openx.net/w/1.0/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Fri, 11 Jun 2021 01:06:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
rtb.adpone.com/ 		729 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=1201181228390
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239c953d2fa7b27207f1840a11cb93dec7ce0c49a71a9729f511662b5be9753b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3aF2pZRdfA3ecLWCDqTbJt6gmHbAPDPnCMWlx9jlrE7lsJOgosqI9mUldRQVoDpR8NY3XuNRSLPhm0wEZ0oBa25ErHzFsQpnKEGGXfIOTl2EkitlyrqGsPc3%2BxMHcc%2BZoo8FyRUIYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
cf-ray
65d6f0454dd74e4a-FRA
cf-request-id
0a9a347f4800004e4a90bf3000000001
bid-request
rtb.adpone.com/ 		765 B
731 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4502544b0f9392899bbadbe1a27f5bbfbb61062e923c62ade252fd6f06c4cf2

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kop%2FqsqVqX5pbEI1jTIYXWgc97lXQZDeRrqJ6Ucq0TO6deDU7wwg%2F6Wh5e9iHm2xWZ6DhzaCG7vOqJpjilNMgokk9kyBr%2Becx73Yavqxu6KQXK51gKzf7P8Aac%2F85aBOqyz8aXTLfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
cf-ray
65d6f0454dda4e4a-FRA
cf-request-id
0a9a347f4900004e4abeb97000000001
bid-request
rtb.adpone.com/ 		765 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40413613e174b4a82cbf34c5a985a8415314c391d54fcc036a237fa65ebb8a15

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7UiU8RNTAWCOMNuFnXZ34gYIyyCAKBCX6g6dDj3NncYxzyeVBXT2VQOLWu%2FK2EITMIAVCi22xtrzAJiH3%2Fr8MmoS5UVoKI9FGxkW6y1LYirdQMd2W9T6mXDgYCect8qUYnqEleF4Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
cf-ray
65d6f0454ddc4e4a-FRA
cf-request-id
0a9a347f4900004e4a68936000000001
bid-request
rtb.adpone.com/ 		765 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4fc849a380369d205028b7c6e076f934e44c34b8245f0ca3c4055bce9e556e6

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c3REBYIZFw5ECMfgTYETLn2o2GTtl1PJfZlDl6sexMsXCTy4Ps06XPDOCJYkF5tXFMFJFNSPyzkD4SktsOrwCoksQpcFyfENaeK9vy9rjM4Lg4Bl%2Bq40thVgetg1Wf1hkZdhyY0SAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
cf-ray
65d6f0454ddd4e4a-FRA
cf-request-id
0a9a347f4900004e4abb2da000000001
bid-request
rtb.adpone.com/ 		732 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c72a0385dd3de1a3b9408c21fe294dd7a7e1b5c890c9f8d591758bb501c307b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ltyzsTbodGeoHLXl8KA%2B9pXxlocMrfz4sqCrz7jY6I8KJ9PGSbEgPBQV9Qj6xMiIP5Utf6pCIQywDqu7CHlNSBhEwQFOBkiqyk5yZQ7ADAU69EimX6GilKzXeGIjeAvbKalQOBG1dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
cf-ray
65d6f0454dde4e4a-FRA
cf-request-id
0a9a347f4900004e4aac0f0000000001
auction
rtb.adxpremium.services/openrtb2/ 		325 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee59d38a0b6e22516ff9096fd0508ce0f7a371cbfecbc0fce155d596f6b1100

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a347f4d0000d70d250e8000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Om2oaebRN%2BSVibV87Z1rqPxaO1z1f74VmW3qzBOqeBrOVqHT78qHwBE6ZbJtSvrFZoScp8tG8FGFJ8A%2B8E2grH9QOBLN7q9ltPH%2FRoJUNZcocDoTTkvsBRhbn3YE3prU2%2BD35DVwivcGpRG0lZB9kf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
65d6f0454fd2d70d-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		71 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2bcfd666de44d15622d077fdb8bafb5bc9d44bf361734774517a0b645845b7d2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:44 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid
cbd4f7e0-04b1-461b-a406-900bd4fc014c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
71
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=18455075741
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Fri, 11 Jun 2021 01:06:43 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5
  • https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=4a0ac85a-ca51-11eb-b89e-1e875f050506
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=4a0ac85a-ca51-11eb-b89e-1e875f050506
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Fri, 11 Jun 2021 01:06:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
73
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Fri, 11 Jun 2021 01:06:44 GMT
Server
nginx
Location
/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=4a0ac85a-ca51-11eb-b89e-1e875f050506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
74
Connection
keep-alive
Content-Length
0
1
mc.yandex.com/watch/62978707/
Redirect Chain
  • https://mc.yandex.com/watch/62978707?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A413%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen...
  • https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A413%3Afu%3A1%3Aen%3Autf-8%3Ala%3A...
236 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A413%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A193113270421%3Ahid%3A845826001%3Az%3A120%3Ai%3A20210611030644%3Aet%3A1623373604%3Ac%3A1%3Arn%3A787026870%3Au%3A1623373604750058336%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623373603294%3Ads%3A0%2C0%2C357%2C26%2C1%2C0%2C%2C114%2C0%2C%2C%2C%2C476%3Adsn%3A0%2C0%2C358%2C26%2C0%2C0%2C%2C90%2C1%2C%2C%2C%2C475%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623373605%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
c24ed4ecefc330034306015d331ef8c362cad5198df653f7e323966e1b329043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:44 GMT
x-content-type-options
nosniff
last-modified
Fri, 11-Jun-2021 01:06:44 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
236
x-xss-protection
1; mode=block
expires
Fri, 11-Jun-2021 01:06:44 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:44 GMT
last-modified
Fri, 11-Jun-2021 01:06:44 GMT
location
/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A413%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A193113270421%3Ahid%3A845826001%3Az%3A120%3Ai%3A20210611030644%3Aet%3A1623373604%3Ac%3A1%3Arn%3A787026870%3Au%3A1623373604750058336%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623373603294%3Ads%3A0%2C0%2C357%2C26%2C1%2C0%2C%2C114%2C0%2C%2C%2C%2C476%3Adsn%3A0%2C0%2C358%2C26%2C0%2C0%2C%2C90%2C1%2C%2C%2C%2C475%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623373605%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t
strict-transport-security
max-age=31536000
access-control-allow-origin
https://vnexpress.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 11-Jun-2021 01:06:44 GMT
zepto.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/libs/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/libs/zepto.js
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:31 GMT
etag
W/"6093454f-9c7d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:45 GMT
simple-scrollbar.min.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/libs/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/libs/simple-scrollbar.min.js
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:31 GMT
etag
W/"6093454f-10a7"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:45 GMT
usi.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/usi.js
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
47e46f426dd625027d7377f8ee62113bec0b6e8b39c2987a82d291a6d37bb29c

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 08:57:06 GMT
etag
W/"60c1d3e2-2cd9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:45 GMT
eclick_logo.png
static.eclick.vn/delivery/css/images/graphics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.eclick.vn/delivery/css/images/graphics/eclick_logo.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.131 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_43 /
Resource Hash
28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Tue, 28 Apr 2020 05:02:00 GMT
server
FPT-static_eclick_141_43
etag
"5ea7b8c8-76a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1898
expires
Sun, 11 Jul 2021 01:06:45 GMT
a10-1623208772-4875-1623228285.jpg
vcdn1-giadinh.vnecdn.net/2021/06/09/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-giadinh.vnecdn.net/2021/06/09/a10-1623208772-4875-1623228285.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=bnqtnyeNWIT9XtvTcRViXg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
306992531af884f2b6b9f2225ce9b8d7bde2de547318db0f2ae954375abd93ab

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Wed, 09 Jun 2021 08:45:07 GMT
server
keycdn-engine
link
<http://i1-giadinh.vnecdn.net/2021/06/09/a10-1623208772-4875-1623228285.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=bnqtnyeNWIT9XtvTcRViXg>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
39850
expires
Sat, 11 Jun 2022 06:55:45 GMT
huukhoa17of161623055248-162321-4432-6689-1623212710.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/09/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2021/06/09/huukhoa17of161623055248-162321-4432-6689-1623212710.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=wwOLRLa7S8ybVDHR5Pzinw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
61788ab6e5520e7be2f63cbfd958f5f31aadbd8c887c8d44a6d77f06e5f83c1b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Wed, 09 Jun 2021 04:25:56 GMT
server
keycdn-engine
link
<http://i1-vnexpress.vnecdn.net/2021/06/09/huukhoa17of161623055248-162321-4432-6689-1623212710.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=wwOLRLa7S8ybVDHR5Pzinw>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
49625
expires
Sat, 11 Jun 2022 06:55:45 GMT
saliva1800x1260l-1623316986-3841-1623317032.png
vcdn1-sohoa.vnecdn.net/2021/06/10/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-sohoa.vnecdn.net/2021/06/10/saliva1800x1260l-1623316986-3841-1623317032.png?w=220&h=132&q=100&dpr=1&fit=crop&s=-bB65aH5Ax75A_ZDCIc0lw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5bccba449f381b293246b8e45d6c3598c8833eeae555a26d01a61a3ca95b6c09

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 10 Jun 2021 09:25:47 GMT
server
keycdn-engine
link
<http://i1-sohoa.vnecdn.net/2021/06/10/saliva1800x1260l-1623316986-3841-1623317032.png?w=220&h=132&q=100&dpr=1&fit=crop&s=-bB65aH5Ax75A_ZDCIc0lw>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
58452
expires
Sat, 11 Jun 2022 06:55:45 GMT
namanhtop-1623337407-5876-1623337490.jpg
vcdn1-giaitri.vnecdn.net/2021/06/10/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-giaitri.vnecdn.net/2021/06/10/namanhtop-1623337407-5876-1623337490.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=zJwMaHVLBKEccX4NTo-9rg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c1aaa55814285881f3a1c66c81ffb6dc823f9baf956b4cdc424b7c33abb306af

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 10 Jun 2021 15:05:01 GMT
server
keycdn-engine
link
<http://i1-giaitri.vnecdn.net/2021/06/10/namanhtop-1623337407-5876-1623337490.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=zJwMaHVLBKEccX4NTo-9rg>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
31196
expires
Sat, 11 Jun 2022 06:55:45 GMT
forex-1623322935-9375-1623322975.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2021/06/10/forex-1623322935-9375-1623322975.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=nJM41iM6lgt8eBlJ-HeBcA
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
386a97504e4c614c13ab722494bddd53cfa47c2f078cf374a5ec835bd37ff5c6

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 10 Jun 2021 11:03:10 GMT
server
keycdn-engine
link
<http://i1-vnexpress.vnecdn.net/2021/06/10/forex-1623322935-9375-1623322975.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=nJM41iM6lgt8eBlJ-HeBcA>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
15227
expires
Sat, 11 Jun 2022 06:55:45 GMT
60ba43c7e459cb0018a2c35d-16233-1170-7091-1623319803.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/10/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2021/06/10/60ba43c7e459cb0018a2c35d-16233-1170-7091-1623319803.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=ZC8sH6miLxvkEwJi9uYjrg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
27610fd6dda8a79497ba1e3828c838ef01de6e898813020324bf1248ac5271fc

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 10 Jun 2021 10:10:33 GMT
server
keycdn-engine
link
<http://i1-vnexpress.vnecdn.net/2021/06/10/60ba43c7e459cb0018a2c35d-16233-1170-7091-1623319803.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=ZC8sH6miLxvkEwJi9uYjrg>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
23683
expires
Sat, 11 Jun 2022 06:55:45 GMT
nm5-1623232465-1623314313.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/10/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2021/06/10/nm5-1623232465-1623314313.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=f7I2nuBJtpSXiTIKkxvXBA
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
42ca0818657afad8f93b95bde68d46220e2f9437f4f93f1d7a0ef22697becada

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 10 Jun 2021 08:40:08 GMT
server
keycdn-engine
link
<http://i1-vnexpress.vnecdn.net/2021/06/10/nm5-1623232465-1623314313.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=f7I2nuBJtpSXiTIKkxvXBA>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
49494
expires
Sat, 11 Jun 2022 06:55:45 GMT
Sequence0100000123Still002-162-7131-1896-1623339280.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/10/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2021/06/10/Sequence0100000123Still002-162-7131-1896-1623339280.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=-udgZIZbvrb0EzP3UZqU3Q
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c40a16e0f41f6e30f803e859e3f825d987e1a66a0081f7428697268c47ede09d

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 10 Jun 2021 15:34:56 GMT
server
keycdn-engine
link
<http://i1-vnexpress.vnecdn.net/2021/06/10/Sequence0100000123Still002-162-7131-1896-1623339280.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=-udgZIZbvrb0EzP3UZqU3Q>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
37120
expires
Sat, 11 Jun 2022 06:55:45 GMT
video.lib.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/vod/ 		461 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v2/helper/vod/video.lib.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:27 GMT
etag
W/"6093454b-73376"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:45 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		130 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2196795129091666&correlator=605576604529369&output=ldjh&impl=fifs&eid=31061433%2C31061354&vrg=2021060701&ptt=17&sc=1&sfv=1-0-38&ecs=20210611&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CMasthead%2CHome%2CLarge1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F4&prev_iu_szs=320x50%7C1x1%7C728x90%7C900x225%7C970x250%7C1200x150%7C1800x180%7C1920x270%2C320x50%7C1x1%7C300x500%7C300x450&fluid=height%2Cheight&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D6%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1623373605&dt=1623373605191&dlt=1623373603656&idt=251&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C-9&adys=1%2C-9&adks=1832943895%2C1680299014&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x270%7C0x-1&msz=1600x0%7C0x-1&ga_vid=29963317.1623373604&ga_sid=1623373605&ga_hid=1810308553&ga_fc=false&ga_cid=248531340.1623373604&fws=4%2C2&ohw=1600%2C0&btvi=0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
cb05db2074e85effa58188f0ca4f09827c0aec1d6d1ad0e320495029f31209ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29415
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2196795129091666&correlator=1709667354581714&output=ldjh&impl=fifs&eid=31061433%2C31061354&vrg=2021060701&ptt=17&sc=1&sfv=1-0-38&ecs=20210611&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CLarge2%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C300x250%7C300x300%7C300x500%7C300x540%7C300x600&fluid=height&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D6%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1623373605&dt=1623373605196&dlt=1623373603656&idt=251&frm=20&biw=1600&bih=1200&oid=3&adxs=1030&adys=3334&adks=4260787118&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x250&ga_vid=29963317.1623373604&ga_sid=1623373605&ga_hid=1810308553&ga_fc=false&ga_cid=248531340.1623373604&fws=516&ohw=340&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
5b69cf62e19fbb21159314d29076e81d8cfc025c27dc7da0b48384c7f93c425e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7919
x-xss-protection
0
google-lineitem-id
5261359346
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138299408415
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2196795129091666&correlator=3790262778602208&output=ldjh&impl=fifs&eid=31061433%2C31061354&vrg=2021060701&ptt=17&sc=1&sfv=1-0-38&ecs=20210611&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CRichmedia%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1&fluid=height&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D6%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1623373605&dt=1623373605198&dlt=1623373603656&idt=251&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=3781&adks=3988550624&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=29963317.1623373604&ga_sid=1623373605&ga_hid=1810308553&ga_fc=false&ga_cid=248531340.1623373604&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
99dbb9172793f46b0040538838e27cbd9126db6df8dc890c486747d6b00c8ade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5490
x-xss-protection
0
google-lineitem-id
5632170936
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138341523710
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
covid.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/widget/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/widget/covid.js
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
5b17c23278ae0ab76fb2b6ab5307cf419799906e3b5701f6a21597c3e3dec77d

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 14:13:09 GMT
etag
W/"60c21df5-a897"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:45 GMT
home
vnexpress.net/microservice/ 		384 KB
63 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/home
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
677whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
4058b5f40b738fec397114829f6de02dbc2617699081d8ed644b7abad6cc7345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/microservice/home
pragma
no-cache
cookie
device_env=4; sw_version=1; _efr=1623373560000; _gid=GA1.2.248531340.1623373604; _dc_gtm_UA-50285069-28=1; _ga_DQJ7NF9DN2=GS1.1.1623373603.1.0.1623373603.60; _ga_57577CKS2C=GS1.1.1623373603.1.0.1623373603.60; fosp_aid=fxuh9ku3npevl2ct.1623373603.des; orig_aid=fxuh9ku3npevl2ct.1623373603.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22fxuh9ku3npevl2ct.1623373603.des%22%5D%7D; _pk_id=59a6c7c47f4be08b.1623373604.1.1623373604.1623373604.; _pk_ses=*; _ga=GA1.2.29963317.1623373604; _dc_gtm_UA-169340704-1=1; _ym_uid=1623373604750058336; _ym_d=1623373604; adAsiaUserIp=185.156.174.4; _ym_isad=2; display_cpd=6; _ym_visorc=b; f_opt=a%257B%2522id%2522%253bA%2522fxuh9ku3ncpevl2ct.16233d73603.des%2522%25e2C%2522utime%25221%253A16233736042%257D; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
vnexpress.net
referer
https://vnexpress.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
677whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
th
gw.vnexpress.net/ 		38 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gw.vnexpress.net/th?types=gia_vang_v2,ty_gia_vcb,data_shop_v2_home_vne_160,data_egift,data_shop_v2_home,rao_vat_v2,ewiki,bank_rate_offline,bank_rate_online
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-ams_global_139_54 /
Resource Hash
327a47c788480c9218317e7b9319654949d9c81fbe83b939de78976f0c54bf0e

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
server
FPT-ams_global_139_54
x-kong-server
kong_api_139_55
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
via
kong/1.2.1
4245034
vnexpress.net/microservice/getconsultants/aid/ 		33 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/getconsultants/aid/4245034
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
677whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
d7a18af60149d105e1df041653f4306ba534e6d39ec10c1886ee31644e9306a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/microservice/getconsultants/aid/4245034
pragma
no-cache
cookie
device_env=4; sw_version=1; _efr=1623373560000; _gid=GA1.2.248531340.1623373604; _dc_gtm_UA-50285069-28=1; _ga_DQJ7NF9DN2=GS1.1.1623373603.1.0.1623373603.60; _ga_57577CKS2C=GS1.1.1623373603.1.0.1623373603.60; fosp_aid=fxuh9ku3npevl2ct.1623373603.des; orig_aid=fxuh9ku3npevl2ct.1623373603.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22fxuh9ku3npevl2ct.1623373603.des%22%5D%7D; _pk_id=59a6c7c47f4be08b.1623373604.1.1623373604.1623373604.; _pk_ses=*; _ga=GA1.2.29963317.1623373604; _dc_gtm_UA-169340704-1=1; _ym_uid=1623373604750058336; _ym_d=1623373604; adAsiaUserIp=185.156.174.4; _ym_isad=2; display_cpd=6; _ym_visorc=b; f_opt=a%257B%2522id%2522%253bA%2522fxuh9ku3ncpevl2ct.16233d73603.des%2522%25e2C%2522utime%25221%253A16233736042%257D; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
vnexpress.net
referer
https://vnexpress.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
677whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
sync_user
octopus-stream01-cads.fpt.vn/analytics/ 		51 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=e4392c99-34e4-436f-a271-b064fdff57e0
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
5a2a2f24c639410a4fd5c593bf36a582f6b0dbf810820169205564a6fa4d689b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://vnexpress.net
Date
Fri, 11 Jun 2021 01:06:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Content-Length
51
Content-Type
application/json
sync_user
octopus-stream01-cads.fpt.vn/analytics/ 		51 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=e4392c99-34e4-436f-a271-b064fdff57e0
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
5a2a2f24c639410a4fd5c593bf36a582f6b0dbf810820169205564a6fa4d689b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://vnexpress.net
Date
Fri, 11 Jun 2021 01:06:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Content-Length
51
Content-Type
application/json
p
octopus-stream01-cads.fpt.vn/analytics/ 		17 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/p
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Jun 2021 01:06:46 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/octet-stream
view
securepubads.g.doubleclick.net/pcs/ Frame 11B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDJFCYUxF6vcTPGBYwa0Kx3YNlXMsAJiGGd9_RaH5JJmozu3j495LNvyuC5FixuABPtuLCwHNP8HAojsOv_H1HWhc04LeKjYflXm4lEYI1-YhhsKvZ6NI89Vd3nH8h7UNPn_vC4JekIyvypPm8aaPecIPFzy3QxLVQ5T1IWJVM7s3-HG08mDypogo-nNZRXmn67kRjT_2md9SBUMWSRNTTn9t8rh-QKRAvW4OqOMQbTvVh3ruBUzKTxnLvPlfEgFgXT1yruY5wo52dn9m7fPhzCCvhzpl_CsqB8eXWk69PP6mXvczrx_dSd7aP2kmx4HTDXy9JM9qnqw&sai=AMfl-YQLHVVNnpk3QZBzWs0BWd7gEMfsl0V9tagdlN6G8tEBFGh1pcaHvHs0vQxQ8P1GN_orX4neMjbKJgEa07o09yydMwFJgtJyJaz_1AdcYfr_XMwyzi7u5Popyg_GX2Ed&sig=Cg0ArKJSzNcYp9_6YzzzEAE&urlfix=1&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Jun 2021 01:06:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 11B0 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
ed2746ea3b16938fb6bc3ac5543c6c97cb979480aa3f594b669095468649c157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"899 / 217 of 1000 / last-modified: 1623363152"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21316
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 11B0 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263566164500"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28162
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
/
usi-saas.vnexpress.net/widget/index/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usi-saas.vnexpress.net/widget/index/?cid=4283118-1;4292373-1;4292294-1;4292299-1;4290132-1;4291248-1;4291415-1;4291692-1;4291531-1;4292260-1;4292033-1;4291626-3;4292333-1;4292119-3;4292134-1;4291891-3;4292073-1;4292329-1;4292298-1;4292262-1;4292222-1;4292302-1;4292290-1;4292331-1&
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/usi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
10077inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash
8ee9cda94cba89922d98afd5814c8c5502f71ff2ae88235d9ffaacd3c00f7f6e

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=30
last-modified
Fri, 11 Jun 2021 01:06:22 GMT
server
10077inhcdd10bf7c7468e873e79ba2ad134
etag
"fqxBCfDZn3Gms2RsxpVfAg=="
content-length
1138
content-type
text/javascript; charset=utf-8
myvne_users_redesign.js
s1cdn.vnecdn.net/myvne/j/v5/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/myvne/j/v5/myvne_users_redesign.js
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
98299e7fdaea04de37a4a123fd9cef3055d82d786c7d1b31aac0f5d695c81143

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Fri, 23 Apr 2021 08:24:44 GMT
server
keycdn-engine
etag
W/"6082844c-a31f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/myvne/j/v5/myvne_users_redesign.js>; rel="canonical"
expires
Sat, 11 Jun 2022 06:55:45 GMT
truncated
/ Frame 11B0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e8914e6dd92c219070cdde625d806573b173fc3940952916fb175478f4086b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A5C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEmqLp8Yk9JDOxj0xBiNB9H64vaq7nNButRybvy_OCZB0855pMt_LfIDMvT_w_dfaXy9lIb5rhzU0vVa8CFb1GvuDLt25rE6RF0p5Xzd7xGP6qWGrYbTMwTfy_KT-tBPO3Zw0W_DCmEqAzD4JtQD9M9Ew2Ea3SNAXC1ahZndn-Z778MkBqZ93ZDWySknAXniwngFsZlHSEGdJllRX4eh8FijZSX0u-XnBmnQenUCgVG1E7Oal9-VxirzagTBU4IpAmgGPyRF--iNEO8vaI8BRR7YUUcjNNMt7dzjJnc4sH9-heU62kzZDPeC35WH5_kec&sai=AMfl-YS6onw2_Rp53WyUwppfPUGNTr0D8h6gIJj7i3IsHVQ-IaQZG9epCCPVyKkg1iNgkdrNIoWdMP3kllZl58vN5KAm_teYJC8_IrGfifrQx84BuDIiMU0DftVQKnt78r-7&sig=Cg0ArKJSzBSDycbXsNytEAE&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame A5C6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 01:01:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A5C6 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
l
www.google.com/ads/measurement/ Frame A5C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuBnJ1MCeOxX541hopoeRiSxLzU6PyJn7ZCBX1mfzv1crfznaX0_ScD0EJmZaXqKGO0e_R
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
16092957854326099514
tpc.googlesyndication.com/simgad/ Frame A5C6 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16092957854326099514
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f967365a2897b82414b800af0b6aeece9e965025c5a71784308ee7dfe32214eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 21:38:17 GMT
x-content-type-options
nosniff
age
185308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90930
x-xss-protection
0
last-modified
Fri, 03 Jan 2020 07:38:47 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 21:38:17 GMT
pubads_impl_2021060801.js
securepubads.g.doubleclick.net/gpt/ Frame 11B0 		318 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114129
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A5C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGajbzcHpbhN6Gbb0FJY-l9ElMpREmW1Pq-oEWmAHERLefQt1F2MYfcWyWw3viW7iYQqeu657UsCg1sn8GmfhM38aKkGqooB8l4xPIVjvLxLXwoh75PK73laBpc2eL_ePG2b1rMBP2BqKZnqGGHEjmd-4RbWjGH7G8f74DS42ZF5fzd46X7CXq408ah5JRUOshdjlkYwXu1ZMrWjrWTD8-y1Zla3ya3w7yDGwvYdL86fCZFdMdZlo0g2ZDZhiV0ZVPWfVyqBNnxnju1EaVYfFMZFtD5shKjcaKQHPBf5gultrwwCrL_nUegrrRhtq8tx-EPA&sai=AMfl-YSu2J-cDCMSPxPynko_KcmpLhD8yyRh5SM5koFCpw2fBZZFHjHFtfmeYgzOVZrOnh0PvsU_ow0Bgva73AnmAD3G_qrklT0ipVH39-2ZzVxPwlZoDkRCavxoFnVl8ZO4&sig=Cg0ArKJSzBDbAmEkimUAEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Jun 2021 01:06:45 GMT
truncated
/ Frame A5C6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f35b8d4226543a73f9d27d49fa952120af16bd60cda49342480bf73380f1c88

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
covid19_2021_by_location
vnexpress.net/microservice/sheet/type/ 		14 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/sheet/type/covid19_2021_by_location
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
677whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
2660b79db5a096e34a0be96461599f4e73e044fc1605936ef3bdf30cef1154db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/microservice/sheet/type/covid19_2021_by_location
pragma
no-cache
cookie
device_env=4; sw_version=1; _efr=1623373560000; _gid=GA1.2.248531340.1623373604; _dc_gtm_UA-50285069-28=1; _ga_DQJ7NF9DN2=GS1.1.1623373603.1.0.1623373603.60; _ga_57577CKS2C=GS1.1.1623373603.1.0.1623373603.60; fosp_aid=fxuh9ku3npevl2ct.1623373603.des; orig_aid=fxuh9ku3npevl2ct.1623373603.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22fxuh9ku3npevl2ct.1623373603.des%22%5D%7D; _pk_id=59a6c7c47f4be08b.1623373604.1.1623373604.1623373604.; _pk_ses=*; _ga=GA1.2.29963317.1623373604; _dc_gtm_UA-169340704-1=1; _ym_uid=1623373604750058336; _ym_d=1623373604; adAsiaUserIp=185.156.174.4; _ym_isad=2; display_cpd=6; _ym_visorc=b; f_opt=a%257B%2522id%2522%253bA%2522fxuh9ku3ncpevl2ct.16233d73603.des%2522%25e2C%2522utime%25221%253A16233736042%257D; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3; fpt_uuid=%22e4392c99-34e4-436f-a271-b064fdff57e0%22; ajs_group_id=null; __gads=ID=f061f9380331a244-22d4cfdb5dc80075:T=1623373605:S=ALNI_MYpC_uKZIiFxtdiB6KjJG2uBcPBUw; login_system=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
vnexpress.net
referer
https://vnexpress.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
677whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
a0ba01b8-ebe0-4447-99ec-c15318f4fb79
https://vnexpress.net/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://vnexpress.net/a0ba01b8-ebe0-4447-99ec-c15318f4fb79
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
integrator.js
adservice.google.cz/adsid/ Frame 11B0 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.cz/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 11B0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 11B0 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1388420292217733&correlator=1318028138580297&output=ldjh&impl=fif&eid=31061040%2C31061394%2C21064370%2C31061354%2C31061410&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210611&iu_parts=2627062%2CUreka_Supply_ov.vnexpress.net_SliderPC_1x1_230221&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3Df061f9380331a244-22d4cfdb5dc80075%3AT%3D1623373605%3AS%3DALNI_MYpC_uKZIiFxtdiB6KjJG2uBcPBUw&cdm=vnexpress.net&bc=31&abxe=1&lmt=1623373605&dt=1623373605611&dlt=1623373605336&idt=258&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=800&adys=4146&adks=2652662923&ucis=b72p4hblwi4a&ifi=1&ifk=1452496933&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x-1&ga_vid=248531340.1623373604&ga_sid=1623373606&ga_hid=1917569052&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
fdae7aa3d6cc6b55e2d58c02b2656789a7b8d4b63f33d847209142c68f3089b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4151
x-xss-protection
0
google-lineitem-id
5655933059
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138344979505
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a01a439e6ee0b9dc5f58459ddd2e605e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 11B0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a01a439e6ee0b9dc5f58459ddd2e605e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAF9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 11 Jun 2021 01:06:45 GMT
expires
Sat, 11 Jun 2022 01:06:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012105281634000/ Frame 17B2 		191 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
100593
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55221
x-xss-protection
0
server
sffe
date
Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8af8bfef65693cad"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 21:10:12 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 17B2 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
100593
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
server
sffe
date
Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ca56b057322a8584"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 21:10:12 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 17B2 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
100593
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27321
x-xss-protection
0
server
sffe
date
Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3f2374642481d921"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 21:10:12 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 17B2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
100593
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522
x-xss-protection
0
server
sffe
date
Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"514585efdf5d56f0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 21:10:12 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 17B2 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
100593
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13144
x-xss-protection
0
server
sffe
date
Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"db4e8fd655d0c88e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 21:10:12 GMT
css
fonts.googleapis.com/ Frame 17B2 		6 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Jun 2021 23:18:30 GMT
server
ESF
date
Fri, 11 Jun 2021 01:06:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Jun 2021 01:06:45 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/1333592020148043257/ Frame 17B2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1333592020148043257/2076313506083323656
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
720c489cf3c99750479c3f665efaf1da3521b5487807fd46e85352726eabdd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 17:46:15 GMT
x-content-type-options
nosniff
age
199230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3149
x-xss-protection
0
last-modified
Sat, 10 Apr 2021 14:34:01 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 17:46:15 GMT
truncated
/ Frame 17B2 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 17B2 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa0d9012f20be3af5983d14a5107e2d2c0d60b1f4f6a13a14d53f6e3b8cc84ba

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 17B2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/vi.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 15:46:25 GMT
x-content-type-options
nosniff
server
cafe
age
33620
etag
10932518847931040692
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3099
x-xss-protection
0
expires
Fri, 11 Jun 2021 15:46:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 17B2 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 19:19:35 GMT
x-content-type-options
nosniff
server
cafe
age
20830
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 11 Jun 2021 19:19:35 GMT
l
www.google.com/ads/measurement/ Frame 17B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQm_5BNiiZtgsautYEfPGisLpdavxWbyRuwnWpMpf8uHdr5FW_FRbt2OMtU9n8-FcVRuqA3
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 17B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2ndEJbfCYK7TEoj4-gaP8K6wAu-h9shiv6aS29ANloLNhYgWEAEgx8efI2DM4e2B_C6gAcXlx78ByAEJqQIzWP43P8W3PuACAKgDAcgDCqoE0gFP0PqTBxn-gNKC25CWIcTY8HyQfKMvWLxq3vVo_KvcKM2kRmVxXEONCOwOhVy_p5Yo1IJXjqtJjNaTPJ8jcF_upyCjL6kLVFsB5jdgtpqO0VgNhVTAqMmSBEDFGdx-NeBJX_xuSJS9FL_3JwFvxPOvIj3HaHPcWQfwCK7ZXvqwt9ANrIutwvCKz32ss6eCwG_K9V0ERtlDdO8zd6SRsxXP1mPiKleeVDBianCFUXZLqUrj9JcKzOqymvZW-7e_RH-qSh_PZ738oeu3KqlOgdqodznABKPC2PjAA-AEAZIFBAgEGAGSBQQIBRgEoAYugAejmrjAAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDwLtIICQiI4YBwEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi0xNDgxMDE5NzU0MTg0OTU1&sigh=HIwA5sM6sb4&template_id=484
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
icon-eclick.svg
s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/images/graphics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/images/graphics/icon-eclick.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 06 May 2021 01:23:00 GMT
etag
"609344f4-757"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1879
expires
Sun, 12 Jun 2022 01:06:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 17B2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vnexpress.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 21:48:36 GMT
x-content-type-options
nosniff
age
184689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 21:48:36 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 17B2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vnexpress.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 22:53:23 GMT
x-content-type-options
nosniff
age
180802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 22:53:23 GMT
jquery.magnific-popup.min.js
s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/libs/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/libs/jquery.magnific-popup.min.js
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:24:31 GMT
etag
W/"6093454f-4ef8"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:45 GMT
Download_Huawei.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_Huawei.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 06 May 2021 01:23:20 GMT
etag
"60934508-1c11"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
7185
expires
Sun, 12 Jun 2022 01:06:45 GMT
Download_AppStore.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_AppStore.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 06 May 2021 01:23:20 GMT
etag
"60934508-11d9"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
4569
expires
Sun, 12 Jun 2022 01:06:45 GMT
Download_PlayStore.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_PlayStore.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 06 May 2021 01:23:20 GMT
etag
"60934508-1b18"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6936
expires
Sun, 12 Jun 2022 01:06:45 GMT
qr_app.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/qr_app.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 06 May 2021 01:23:20 GMT
etag
"60934508-104d3"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
66771
expires
Sun, 12 Jun 2022 01:06:45 GMT
qr_app_en.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/qr_app_en.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 06 May 2021 01:23:20 GMT
etag
"60934508-1110a"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
69898
expires
Sun, 12 Jun 2022 01:06:45 GMT
icon-eclick.svg
s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/images/graphics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/images/graphics/icon-eclick.svg
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/general-file.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Referer
https://s1.vnecdn.net/vnexpress/restruct/c/v662/v2_2019/pc/general-file.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:45 GMT
last-modified
Thu, 06 May 2021 01:23:00 GMT
etag
"609344f4-757"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1879
expires
Sun, 12 Jun 2022 01:06:45 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 12 Jun 2021 01:06:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7086 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstot3coVado15xYTNQgZkeDf35rb1R2IVm94xFZ_KAB7m4ykKWfLNtEyYlkIy8EoQBl_l28NCvekSPKmtZ9X55Af-Vi3UOInIP8tBe6dquXbmQlVz13q2rXXl6lJL52JzX-B0m2SoBb4aTuVP3k4BOWwsiT7LjS02m-xLFKyohjkWC8MAHN5rgU4NFs6iovQb7P18swAxoir3DhmGrZe7XFWhOfftTHJ5qBMEhmIonlK7G479vCHmacU1RmqTgjUHlDmCtW8PF6CQmNksi4kDh5SDuBOlw_CG4pb0WZJ3ztBpWnc2JTyh2WpQeCHuewNbmp7TmFb0HSu_XypBlOi7dJNKvV&sig=Cg0ArKJSzJ8u59SjXcguEAE&urlfix=1&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ani-uk-slider-vnexpress.js
solution.urekamedia.com/vnexpress.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:593f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfd4123ab2a2a83c90fd333cd848570b353105c9764cfdecb729db92849fe21b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6110
cf-polished
origSize=9355
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a34838500001f1996b35000000001
last-modified
Mon, 12 Apr 2021 08:28:01 GMT
server
cloudflare
etag
W/"248b-5bfc24aad8640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7guun%2F%2Fa49D3TCt49sAToPCiHVYAqL5ICV4g8mofseBUDDg%2Be9B4z4%2Fn9gPZ1cM8HOMxx8OvUSDGlBMHKuw0ZLAtGy%2B4cWdUb5Ds8ExgSjL3qFF5ieG7QTdUxxzw6QU3slGK%2BiKCi1IdPEszk%2FZ9Fi4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
65d6f04c0a4d1f19-FRA
cf-bgj
minify
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7086 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 11B0 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263566164500"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28162
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame CAF9 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 00:04:48 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CAF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHJEHJbfCYK3TEoj4-gaP8K6wAtnhm9pivM3Bkv8M2dP4vPggEAEgx8efI2DM4e2B_C6gAdzt0b8CyAEJqQIliRnU8clpPuACAKgDAcgDmwSqBMoBT9BnmjUoTaCdB62pjPKgDUlXU2ShdZrhYQe9ajUqk1c440YFbsn3eBs4PWUpllSETswxbEBrWCkluBryePP-aIR0pdVNUEn5gVDWZyZOWLAoSbcgGYNYOK8UHnnuDy3aFUSf6KDUpc_eEFVijCcbUp0ejcbU-i3rMkUjtGdQYIEADRlvpEqXN7MkeKdFvFgX0V7CT-EsogmcErHaK9NhoQYbc-Kw_aiazt22w4z1_-zXnTBPyW6g8n36bDRrdRg6YFCyCl_nUQW6JsAEy8GrwLID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4ySrsABqAeKnLECqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDwLtIICQiI4YBwEAEYHYAKA8gLAdgTDtAVAZgWAYAXAbIXGgoYCAASFHB1Yi0xNDgxMDE5NzU0MTg0OTU1&sigh=AeGkgo1QK_4&template_id=494
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame CAF9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:00:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7010
x-xss-protection
0
server
cafe
etag
16168581138844513892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 00:00:15 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame CAF9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1316
x-xss-protection
0
server
cafe
etag
797314601362473214
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 01:01:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAF9 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame CAF9 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
server
cafe
etag
16788636151609896382
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Jun 2021 01:00:42 GMT
l
www.google.com/ads/measurement/ Frame CAF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2Udr50gxMLB-WF1Qftc7qHrwQTUSjnKw2Sg2jnPwdSrnxwhqtsfHB_OL-kV92Q6100ite
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ef1eb58ff665bb7a112fcf12029c3c9f.js
www.gstatic.com/mysidia/ Frame CAF9 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef1eb58ff665bb7a112fcf12029c3c9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 09:22:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10553
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 11:40:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Sep 2021 09:22:19 GMT
vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 17B2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/vi.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 15:46:25 GMT
x-content-type-options
nosniff
server
cafe
age
33620
etag
10932518847931040692
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3099
x-xss-protection
0
expires
Fri, 11 Jun 2021 15:46:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 17B2 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 Jun 2021 19:19:35 GMT
x-content-type-options
nosniff
server
cafe
age
20830
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 11 Jun 2021 19:19:35 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame CAF9 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTbYrHQCnY-xRK5PEwcZQX9B84HAwPeXXdOYs0Z5ys4yJn3YCM&usqp=CAI
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3790cbf905ad6e0d7a40201d4bd88b27abfe3ca257021514448238ab76048f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 21:59:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Feb 2020 10:45:03 GMT
server
sffe
age
184034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18942
x-xss-protection
0
expires
Wed, 08 Jun 2022 21:59:31 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame CAF9 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQwikjP4mlkhIce5CCSQQQdLoSe6BhNvGOME8rWn1wTqCW_UcqurmwsFNjYJag&usqp=CAI
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
506c98450840987a8c887e24ccea34e9893af345d7df8aacedbe9aa5085f594a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 07:18:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 24 Jan 2021 03:39:02 GMT
server
sffe
age
236882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21755
x-xss-protection
0
expires
Wed, 08 Jun 2022 07:18:43 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame CAF9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTRZsv0ThtKOMwh0PzUpEVDT3Y97Ecw4ivn5TBVakVispo1J1Sx8QajjV5Yzw&usqp=CAI
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83556e374a8532bd416337334025d17a893977ba869925e7a6d027e89ca8ee0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 16:22:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 13:46:11 GMT
server
sffe
age
204227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
expires
Wed, 08 Jun 2022 16:22:58 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame CAF9 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTGypH0ONcS9BxnpkZYkKp03zeXnqRkeev9CeLde0pye-EZwCqF0bmVHVr_kg&usqp=CAI
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6f2aa870878e958ac32046864decbef2b2dfbbc6ff7461b41e5d8d9cd653c04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 15:13:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 14:46:40 GMT
server
sffe
age
208394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14694
x-xss-protection
0
expires
Wed, 08 Jun 2022 15:13:31 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame CAF9 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRnOrqN97lYptwEeE81j2KarGlP2Q1ic0su4SWEpxzq8xuxHcDSEafnE0cBQg&usqp=CAI
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdbff22433fc544b6b59137c52403166a36b718bb79d4ceefdf541b1cba95b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 06 Dec 2020 01:30:36 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15355
x-xss-protection
0
expires
Sat, 11 Jun 2022 01:06:45 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame CAF9 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTbB9uNsYxtn9bm8ZTtEFPA3-gQsspbBDY8TV3jJmvRy1PKQPe6&usqp=CAI
Requested by
Host: 7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
URL: https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0396d073f8e5cf0819d22a3b03cc97a4dd4db494976b2354d7f10b808c6bff34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:01:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Nov 2020 14:16:31 GMT
server
sffe
age
191086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12076
x-xss-protection
0
expires
Wed, 08 Jun 2022 20:01:59 GMT
truncated
/ Frame 7086 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a78c4567f3c559f0c9cf1b697ca875fbe45d0abc9534e3fbecf4226d73304bc9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7086 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthKLHhBqaBfviC8y9h3qZ3R7Yd8psd8Oou0rAi5xasYWZlzJFLQDmnGluZNRxDQeeFLBFnBINzcc3aWeadzMQAEFdy7-XhbLXpvAhL5i7V3wSuXSLclC5bdkD625Yfm2N_vdNf2m1Xw8KI9ofSZ0XQD1XSRZPz42bCeavbfc4mQCtGx1-HsfClQ600xCXhCtiA6k22dLzSBbmMThxmNtKJtZoZb2FvzvG6zR4d4AYtygO0c82FaiLzWAXgHCka2H-vcGd7gBvzqlddGdYz5m50fZPihEZHaz15rPYZUcS_1JvLO7d5RsKbz99nYg5EZCSSScVzv_9ECrifO2rZI67AQ-8Igcs&sig=Cg0ArKJSzChgv5vyjfUDEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Jun 2021 01:06:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 11B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuurRDgkJnHyLtPe-UV8_miHEHhOR-4TxG_pU0agX9-fkPzdbfti8Dhe4fpSOJGidFOvA2cRsxuOPmm3149edjUvw1o-yhDlGmy0OKVbsjxK62ZUvhMwAfbnbLYIB0_CV-YOruQmJOnZfWddPtlnEnQQZzmw1oZmdokmDJ_0MVI4iLCRZ_0Lj71nih20f9BN9eicqSDLMHVm7m25WqSsvSWV9LLCg5-aE2CyTDIIut-qsPIIRd1AXNapiE4dnr1m4lA8ENArwMyuquGTgV-cDIjkmFa44maGevMJqv6Oy3Vg__eHwjeobSDCyF7GyTFWqXlAw8b0ZrVvhG7&sai=AMfl-YTuHu1bTWjVsRevBtuW5sFgSbqdH7-rqsEndqOL4K8KDvkI0B1n4YWtFE_nVgZ570T71-ArXEzPfIV1PGKAi_oAZbFPp_xS8E1bX6eYvFpG0QAX0whIaamuwnlmCl9Q&sig=Cg0ArKJSzHsCjwTVsIWvEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Jun 2021 01:06:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 11B0 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f147d51ca1828989e34d52c0f1353fa5de941a990f82a06635c541276cb3f7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7795
x-xss-protection
0
player.js
player.aniview.com/script/6.1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: solution.urekamedia.com
URL: https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5eb763740d8b0da04a2b24ae137d482593148ba1aa6110291309e57597d9e14d

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxrPEz596XuC3fg1Ij-ozkgRohE-xeAuBbBUdhR28-zAc_n2-9sKRISyZ3Un6VmRM0PGzSnAGQ68QkrBia_bg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9068
last-modified
Wed, 09 Jun 2021 09:43:33 GMT
server
UploadServer
etag
"e59a1ece5647a71e24e521b29a149545"
vary
Accept-Encoding
x-goog-hash
crc32c=VdrZgA==, md5=5ZoezlZHpx4k5SGymhSVRQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1623231813619966
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9068
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 11 Jun 2021 01:11:45 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e63d10e28a0614d2b01395e&cid=5ea26963e792ea55c7264da7&e=playerLoaded&cb=1623373605872
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:09:58 GMT
server
nginx
etag
W/"60b79136-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 12 Jun 2021 01:06:45 GMT
covid19_2021_hanoi
vnexpress.net/microservice/sheet/type/ 		3 KB
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/sheet/type/covid19_2021_hanoi
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
677whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
de172aa4488f78ff6970fb9d8f7b9ae9130312c7ffb49d2e18647f9d563cf464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/microservice/sheet/type/covid19_2021_hanoi
pragma
no-cache
cookie
device_env=4; sw_version=1; _efr=1623373560000; _gid=GA1.2.248531340.1623373604; _dc_gtm_UA-50285069-28=1; _ga_DQJ7NF9DN2=GS1.1.1623373603.1.0.1623373603.60; _ga_57577CKS2C=GS1.1.1623373603.1.0.1623373603.60; fosp_aid=fxuh9ku3npevl2ct.1623373603.des; orig_aid=fxuh9ku3npevl2ct.1623373603.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22fxuh9ku3npevl2ct.1623373603.des%22%5D%7D; _pk_id=59a6c7c47f4be08b.1623373604.1.1623373604.1623373604.; _pk_ses=*; _ga=GA1.2.29963317.1623373604; _dc_gtm_UA-169340704-1=1; _ym_uid=1623373604750058336; _ym_d=1623373604; adAsiaUserIp=185.156.174.4; _ym_isad=2; display_cpd=6; _ym_visorc=b; f_opt=a%257B%2522id%2522%253bA%2522fxuh9ku3ncpevl2ct.16233d73603.des%2522%25e2C%2522utime%25221%253A16233736042%257D; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3; fpt_uuid=%22e4392c99-34e4-436f-a271-b064fdff57e0%22; ajs_group_id=null; login_system=1; __gads=ID=f061f9380331a244:T=1623373605:S=ALNI_MY0D5_bodmFQijJ7fMxVBohZkYelw; is_adsblock=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
vnexpress.net
referer
https://vnexpress.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
677whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
truncated
/ Frame CAF9 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33fb41d35aefbc4e339e6adfef2b1df1f71781071fdcf872d9635c54d415fd41

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 11B0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:45 GMT
/
usi-saas.vnexpress.net/widget/index/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usi-saas.vnexpress.net/widget/index/?cid=4284138-1;4292402-1;4292343-1;4292329-1;4292288-1;4292353-4;4292391-1;4292369-3;4292298-1;4292305-1;4288378-1;4289764-1;4292104-1;4292306-1;4290992-1;4292357-1;4292383-1;4291834-1;4292317-1;4291780-1;4292364-1;4292277-1;4291852-1;4291783-1;4291630-1&
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/usi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
10077inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash
65eb49afbd07314a1a4cf6051900abfe1223e12a239850cfac13825aad060639

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=30
last-modified
Fri, 11 Jun 2021 01:06:36 GMT
server
10077inhcdd10bf7c7468e873e79ba2ad134
etag
"K5OAfW5NVtSC3+xpneVb0A=="
content-length
1185
content-type
text/javascript; charset=utf-8
AVmanager.js
player.aniview.com/script/6.1/ Frame 45E6 		338 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
afb24970f48d7aae6cc543dfed6a1a3df272e2dea2d013eea31110d83db82a19

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uzwup-dEXM4RLp0PRDTC4QItcRStLlLIfjSNTc8AJw9HxIEEfacPIBn0GpnHnPPzaI6C03yk5utYNuU6Gc-KVQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
97882
last-modified
Wed, 09 Jun 2021 09:42:50 GMT
server
UploadServer
etag
"aec4c9ea027060fcb58f41c810c0c693"
vary
Accept-Encoding
x-goog-hash
crc32c=prPvIw==, md5=rsTJ6gJwYPy1j0HIEMDGkw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1623231770120475
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
97882
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 11 Jun 2021 01:11:46 GMT
/
usi-saas.vnexpress.net/widget/index/ 		471 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usi-saas.vnexpress.net/widget/index/?cid=4291691-1;4291814-1;4291252-1;4292179-1;4291291-1;4292246-1;4292332-1;4291974-1;4291910-1;4292163-1&
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/usi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
10077inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash
924c1858e7c0e8ccd848ff5842d73f4fe5f1ba197a8dd245b62e76980f0636d5

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=30
last-modified
Fri, 11 Jun 2021 01:06:46 GMT
server
10077inhcdd10bf7c7468e873e79ba2ad134
etag
"Bd7hz85XJihyYirlKVJ8rg=="
content-length
471
content-type
text/javascript; charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 6348 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 11 Jun 2021 00:45:13 GMT
expires
Sat, 11 Jun 2022 00:45:13 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B732 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7769c9b4112d1e148c888f982320cf2aea0f57caa002f26ac5e13138920b66a2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gXvILBuuGA43bsC0opyZSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

expires
Fri, 11 Jun 2021 01:06:46 GMT
date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-gXvILBuuGA43bsC0opyZSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
settopKD01thay-1623331319-2295-1623331456.jpg
vcdn1-kinhdoanh.vnecdn.net/2021/06/10/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-kinhdoanh.vnecdn.net/2021/06/10/settopKD01thay-1623331319-2295-1623331456.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=tTCMn3iGb5oP4TZy0Vw5rg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
454bf94f0aa5a953934e691ba3d56b3ebbf11756574856404428f24727ef3fb4

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:46 GMT
last-modified
Thu, 10 Jun 2021 13:24:27 GMT
server
keycdn-engine
link
<http://i1-kinhdoanh.vnecdn.net/2021/06/10/settopKD01thay-1623331319-2295-1623331456.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=tTCMn3iGb5oP4TZy0Vw5rg>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
82355
expires
Sat, 11 Jun 2022 06:55:46 GMT
Settop-Viet-Nam-Malaysia-jpeg.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/10/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2021/06/10/Settop-Viet-Nam-Malaysia-jpeg.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=_aQLfBJttBJppzvkWzspVw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5510a24a68541fae68f7e5be52a61e9f447de8ed9ac5f11ea5fa17e7395877bd

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:46 GMT
last-modified
Thu, 10 Jun 2021 16:47:30 GMT
server
keycdn-engine
link
<http://i1-vnexpress.vnecdn.net/2021/06/10/Settop-Viet-Nam-Malaysia-jpeg.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=_aQLfBJttBJppzvkWzspVw>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
78509
expires
Sat, 11 Jun 2022 06:55:46 GMT
vo-tan-phat-3-jpeg-1623135005-5759-1623135333.jpg
vcdn1-giaitri.vnecdn.net/2021/06/08/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-giaitri.vnecdn.net/2021/06/08/vo-tan-phat-3-jpeg-1623135005-5759-1623135333.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=iNL-OSuHX1dCiS3WhA96Gw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c77a25dbbade2ec24c03f4324157444e2a05ded901bc13176ce3b9fe559718b2

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:46 GMT
last-modified
Fri, 11 Jun 2021 00:42:52 GMT
server
keycdn-engine
link
<http://i1-giaitri.vnecdn.net/2021/06/08/vo-tan-phat-3-jpeg-1623135005-5759-1623135333.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=iNL-OSuHX1dCiS3WhA96Gw>; rel="canonical"
x-edge-location
defr
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
x-shield
active
content-length
47333
expires
Sat, 11 Jun 2022 06:55:46 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=4&apppkg=&fv=3&proto=https&pid=5e63d10e28a0614d2b01395e&cid=5ea26963e792ea55c7264da7&e=inventory&vi=100&cb=1623373606089
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
bd.urekamedia.com/publishers/code/vnexpress.net/ 		1 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:593f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
402405
cf-polished
origSize=1072
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a3484e100001f19b5a3f000000001
last-modified
Wed, 12 Aug 2020 08:34:21 GMT
server
cloudflare
etag
W/"5f33a98d-430"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RmdadWvL29iVYIn6T%2BHVLuX5lfrnbH%2FMDDQU8AeyDMIi6tDrsjAbxXZfWtpzNThXgYudOwFagbbA2O43xw0edP5XaaDtphxdFBI9DLCKzSw85WtQB8VJegXgGa9Lvq7G6CJNuRW8P3I4LQs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
65d6f04e3c9e1f19-FRA
expires
Tue, 06 Jul 2021 09:20:01 GMT
/
go1.aniview.com/api/adserver/tag/4/ 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/4/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&AV_CHANNELID=5ea26963e792ea55c7264da7&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=606089&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1623373606113
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.93.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
3835fee216cae83b87ffa3b38bbdafb098b465f0d4b51944c1c31b7b3ccbc4d8

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 30 May 2021 11:20:06 GMT
Tracking.svg
s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/ 		870 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/Tracking.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
f09769d783a6f6cd0be02b874c4b7fedfbafbc50b7bfc3438725c459cb127961

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:46 GMT
last-modified
Thu, 11 Feb 2021 01:51:47 GMT
etag
"60248db3-366"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
870
expires
Sun, 12 Jun 2022 01:06:46 GMT
News.svg
s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/News.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
68d2cc4486c92a0541f96c95d990873464c25dfc943cc9eb573b60b32044f673

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:46 GMT
last-modified
Thu, 11 Feb 2021 01:51:47 GMT
etag
"60248db3-665"
x-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1637
expires
Sun, 12 Jun 2022 01:06:46 GMT
covid19_2021_by_day
vnexpress.net/microservice/sheet/type/ 		9 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/sheet/type/covid19_2021_by_day
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
677whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
3025c771b0e5d02ae41131f2d026f505732c7c9b9411fecf1f2a265befc4611e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/microservice/sheet/type/covid19_2021_by_day
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
vnexpress.net
referer
https://vnexpress.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
677whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
v-type
1
set-cookie
device_env=4; Expires=Fri, 11 Jun 2021 09:06:46; Domain=.vnexpress.net; Path=/
x-xss-protection
1; mode=block
v-cache
VNE4
6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
pagead2.googlesyndication.com/bg/ Frame 6348 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 19:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5749
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jun 2022 19:55:10 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8767 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bd.urekamedia.com
URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
3d03a95be8e5be9ae60bed968907fccbb64eb0190e8c85ba668b928b501e13f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"899 / 774 of 1000 / last-modified: 1623363054"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21349
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:46 GMT
pubads_impl_2021060301.js
securepubads.g.doubleclick.net/gpt/ Frame 8767 		312 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 08:37:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112073
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:46 GMT
integrator.js
adservice.google.cz/adsid/ Frame 8767 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.cz/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8767 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8767 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=487458167947544&correlator=150632046112869&output=ldjh&impl=fif&eid=31061018%2C31061223%2C31061422%2C21064370&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210611&iu_parts=2627062%2Can.passback_ov.vnexpress.net_SliderPC_240420&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie_enabled=1&cdm=vnexpress.net&bc=31&abxe=1&lmt=1623373606&dt=1623373606369&dlt=1623373606202&idt=151&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=984466752&ucis=e7covu2894w&ifi=1&ifk=901199412&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=366692706.1623373606&ga_sid=1623373606&ga_hid=441870540&ga_fc=false&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8da016b06200293e16824fc3902a1635bdb162d8993a6033c7fb044f0b52c2b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4331
x-xss-protection
0
google-lineitem-id
5416437550
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138316342509
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fd9a5d7e6722de8e0614bee05cf8e7b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8767 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fd9a5d7e6722de8e0614bee05cf8e7b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 11B0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=1388420292217733&bg=!XF-lXxvNAAY6sG-_OrA7ACkAdvg8WhLcpECrPj17wnUf_Rs-INT9j1bwDuNE3_-_yfChttM6ycKpFgIAAACBUgAAAA1oAQcKACZwv5e05CQX4K2ddbIQThER-ui-9LXqlKIGJaC74R0v_AxWQubxfpkCiKWVRFVwFU5UVOiFxVh-AXTCsozzpCTLIeZ5AEF4ra8jBMn2YGwLPH2Yuvf2HGKAnRtGAbPQobQ--hCry_42Com5O1X4PfRL4T1Qv4tym8OOhY1FkKgJ0tB76NrQOkBgxXuIDmZ8Bj5pKKvpThqVS4IaOF9PzlQ4cA5NmofQv2WyDQhdOjhYA-qHsUW7TMS2wnmoeNUEAekKSSvQ9fWP05JO2isMYj54AHDiX62Mu2xdJws1ttuyiolTx582WcyIahw6f6G8jMIvnWdtXAiS9ESjUg-9iEH5iIZDHWdw6z76Y4Mj9uw8H9_mQ39u0X_dotLjpjS8XF2SvEwd13I1JYsTsQVjQcTwbzCibCVmUvDpF_Qzvj9FT3UvTl-csq__ma8NsjW9R0c3b1fnNzLzpeKOKPD1MlAuidHg6LJ4EcT5ISuDCDMuShutug8mvbpeuPin-txhEKfSB-YRZkjE0LhpWSnrRK7myPmluiF90zJDkjKz74MQ8oJwdO3GRbDgMB5RdM-R-eHNz9fKQxbDS1zSh5vQCW9f12foK4ner5Lr1Y8MMnNVCuICH7dvHRhoJt52qAXy2UANqCeR8WDJvyfKaQbIVAF5NFFgYxb4gXO2rmiStDyWA8l7Gd45Jq7OUT2V6yyAIywOH5yUqM2eK9KmK0sP9_IgUw2f5yWz20OdYkzr8HNOakszxmk7gIQujqWtagG1Y3CVfelYfKUS-3JtNNglHi66l-rfs7nihHevddBjAwf3_yv2ZwJxG3f7nrsBeI6MGOVpdLFWajCzE_Hk9FgaFChfjfhVqvD43ZvWItsps4s8xW-iaMd4V9uTKPIogs7SEKNZx-DaScOsRLDMCr1DAB5GKA
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
010d9ca6cbe766f0f4f717826c03fc6ef993af8e20822db77c4bb58c3a518a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7784
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 082D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=vnexpress.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1622
set-cookie
uid=efcc811b-8d51-4dd4-8231-c0eaf3c29242; expires=Sat, 11 Jun 2022 01:06:45 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Fri, 11 Jun 2021 01:06:46 GMT
content-length
1129
jquery.3.2.1.min.js
s.vnecdn.net/vnexpress/restruct/j/v575/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
last-modified
Tue, 26 Nov 2019 07:22:26 GMT
etag
W/"5ddcd2b2-15283"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Sun, 12 Jun 2022 01:06:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060701.js?31061433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 30E7 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 11 Jun 2021 00:45:13 GMT
expires
Sat, 11 Jun 2022 00:45:13 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D1B7 		783 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
daebd145157d7ca1556565519c6dde0a2a5a83987996cf8c6a485b1177a48483
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yBxomccfGe3AIYYtAcvuug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

expires
Fri, 11 Jun 2021 01:06:46 GMT
date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-yBxomccfGe3AIYYtAcvuug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame E2A5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmEc2WRaWhzJiC3rJCLwjLIu2WwFi8GmddMivdNXWxqkcgqXIUGMwRzQbMq0iNFzTaQ5xzVNrbN2RrXriaxJCtq_0xY7wtfgFYsqAaXsidkt-u4N21QdV6MJdqW-v0MHz_V7BETS8PoUQ1DWBe4hgIpmhpT4boGJge9AqYio1csu_mc3Sid_wPCnR67tAro5ZzoNIYoMZxR9bLqn-vd3Ye9pcRAiF4S7XSvhrlYh-lLdRIIcpF3v8mNkJE0LBquN0S1-m4fUGyg8QX3ieu7e_IoPm9IF1B-gazLO3AS1zaVZyxPdCKJ23cCtCQWCoqAW-r1ahpi24Cu33A5Q&sai=AMfl-YSwrk0X_bf1GvypF9LtMwEoqjd57J1qKof_VHP1Nvv-vdqezOXdxiditTK15-rmIxtQEGypeYYMuypCWNEiL6LklblJULRW2kBb1qCQCWkobrRIzwEZKQ9XqmHzU9M&sig=Cg0ArKJSzLb6LQChd0-PEAE&urlfix=1&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Jun 2021 01:06:46 GMT
ani-uk-slider-vnexpress.net-avantis.js
solution.urekamedia.com/vnexpress.net/avantis/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solution.urekamedia.com/vnexpress.net/avantis/ani-uk-slider-vnexpress.net-avantis.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:593f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448bbb82769ac61ff51ab6584fce6baf1cd44e60927c21a35106b2fb8c48475b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6109
cf-polished
origSize=9754
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a34865f00001f19cf286000000001
last-modified
Mon, 12 Apr 2021 08:30:38 GMT
server
cloudflare
etag
W/"261a-5bfc254092780"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NES7c4LIRTTA52ClhZAqGz40vTgfrDBF%2BaEdZrNWNTqJ5f1WWvzdaTx5yl6B1j%2FPJCwzthW8km%2Fr8fc22AdTQVICNOInOyUnTK2CjDdLJIjdFz%2BqyLpUZYd2C7abqDPVEmYbH0XWRzcH9Ju%2BdZF9UJc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
65d6f0509f141f19-FRA
cf-bgj
minify
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2A5 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:46 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8767 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263566164500"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28162
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8767 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
029b5be677d8f08575523fef0376bc0f9ab1a67c9a88d9482ae2f7f302c15bf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7847
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8767 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:46 GMT
player.js
player.aniview.com/script/6.1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: solution.urekamedia.com
URL: https://solution.urekamedia.com/vnexpress.net/avantis/ani-uk-slider-vnexpress.net-avantis.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5eb763740d8b0da04a2b24ae137d482593148ba1aa6110291309e57597d9e14d

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxrPEz596XuC3fg1Ij-ozkgRohE-xeAuBbBUdhR28-zAc_n2-9sKRISyZ3Un6VmRM0PGzSnAGQ68QkrBia_bg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9068
last-modified
Wed, 09 Jun 2021 09:43:33 GMT
server
UploadServer
etag
"e59a1ece5647a71e24e521b29a149545"
vary
Accept-Encoding
x-goog-hash
crc32c=VdrZgA==, md5=5ZoezlZHpx4k5SGymhSVRQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1623231813619966
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9068
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 11 Jun 2021 01:11:46 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&e=playerLoaded&cb=1623373606521
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
pagead2.googlesyndication.com/bg/ Frame 30E7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 19:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5749
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jun 2022 19:55:10 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 3AF0
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D22%26key%3D%7BPUB_USE...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D22%26key%3D%7BP...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1623373606425-943677653332-008752-015-002268&biddername=22&key=ae3f85be-b283-4692-abaa-85d5146e7dc5
0
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1623373606425-943677653332-008752-015-002268&biddername=22&key=ae3f85be-b283-4692-abaa-85d5146e7dc5
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.164.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1623373606425-943677653332-008752-015-002268&biddername=22&key=ae3f85be-b283-4692-abaa-85d5146e7dc5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1623373606425-943677653332-008752-015-002268
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-length
0
set-cookie
2_C_22=ae3f85be-b283-4692-abaa-85d5146e7dc5; Path=/; Domain=aniview.com; Expires=Sat, 12 Jun 2021 01:06:46 GMT; Secure; SameSite=None 2_C_22=ae3f85be-b283-4692-abaa-85d5146e7dc5; Path=/; Expires=Sat, 12 Jun 2021 01:06:46 GMT; Secure; SameSite=None

Redirect headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-type
text/plain
content-length
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1623373606425-943677653332-008752-015-002268&biddername=22&key=ae3f85be-b283-4692-abaa-85d5146e7dc5
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
pixel.advertising.com/ups/58246/ Frame 6803 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.10.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
services
sync.technoratimedia.com/ Frame 54BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1623373606425-943677653332-008752-015-002268&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
sync.technoratimedia.com
:scheme
https
:path
/services?srv=cs&pid=70&uid=1623373606425-943677653332-008752-015-002268&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D3%26key%3D%5BUSER_ID%5D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:46 GMT
set-cookie
tads_uid=GDPR; Max-Age=157680000; Expires=Wed, 10 Jun 2026 01:06:46 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin
https://vnexpress.net/
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
814387347
age
0
via
1.1 varnish
Cookie set us
sync.go.sonobi.com/ Frame 3815 		0
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D60%26key%3D%5BUID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vnexpress.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

Date
Fri, 11 Jun 2021 01:06:46 GMT
Content-Type
text/plain; charset=utf8
Content-Length
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YMK3K; path=/; domain=.go.sonobi.com
Cookie set uc.html
sync.go.sonobi.com/ Frame 7D54 		571 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vnexpress.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

Date
Fri, 11 Jun 2021 01:06:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YMK3K; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame DC88 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2429 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D1%26key%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=107322
expires
Sat, 12 Jun 2021 06:55:28 GMT
date
Fri, 11 Jun 2021 01:06:46 GMT
vary
Accept-Encoding
rmpssp
sync.1rx.io/usersync2/ Frame 1C18 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D200%26key%3D%5BRX_UUID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

:method
GET
:authority
sync.1rx.io
:scheme
https
:path
/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D200%26key%3D%5BRX_UUID%5D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

server
Tengine
date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
user_sync
rtb.gamoshi.io/ Frame 9C40 		42 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.58.174.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-174-102.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host
rtb.gamoshi.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vnexpress.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

Date
Fri, 11 Jun 2021 01:06:46 GMT
Content-Type
image/gif
Content-Length
42
Connection
keep-alive
x-gcontroller-pod
gcontroller-stable-68f49ddc5-ksznl
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
content-encoding
identity
vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 		168 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1623373606&cbb=3373606542
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:46 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://vnexpress.net
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
ptv
secure.adnxs.com/ 		27 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=20544214&cbb=3373606548
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:46 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid
afb4ea9a-038c-4c81-b15d-36a7d9ed2ede
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
advast
ice.360yield.com/ 		27 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22286072&w=16&h=9&minduration=1&maxduration=120&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!urekamedia.com,5e63d10e28a0614d2b01395e,1,,Vnexpress.net,vnexpress.net!aniview.com,5e4d2a2d2a62e7166c1db7a5,1,,Ureka%20Media,urekamedia.com&us_privacy=1---&GDPR=&cbb=3373606548
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Fri, 11 Jun 2021 01:06:46 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
0SzYvAqqJfH4Pvhp5l0RGQ==
ads.adaptv.advertising.com/a/h/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=3373606549&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=185.156.174.4&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=50.08040&lon=14.50450&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-110-9.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
8f32cf48f76572cff6f8a4d3b625fe0cb6d636171d62f36c4efcabe35d8c64e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
1070
expires
0
avpb3.js
player.aniview.com/script/6.1/ Frame 45E6 		265 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
253e39dfca65dfd3662eef68dbb38575cfaeaebfdc479ac4c2ddc16d9ac803a0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uwf6Wm0M8eZms5qSL9-Ofyb62-ype1LO6ep_zGBfZiRgTXwRVXfHVwJbxL48SnZRGn8ES0FdrL872HjU9LLAxjr3vWsog
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
85371
last-modified
Wed, 09 Jun 2021 09:42:05 GMT
server
UploadServer
etag
"761bbf0f52447a7ba57e59f43494c6c8"
vary
Accept-Encoding
x-goog-hash
crc32c=tnnUwQ==, md5=dhu/D1JEenulfln0NJTGyA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1623231725639029
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
85371
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 11 Jun 2021 01:11:46 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDNlOWIxNzM3MDAzNDI0ZmU0ZGJjYjBlNTY1Mw==&gdpr=0&gdpr_consent=
170 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDNlOWIxNzM3MDAzNDI0ZmU0ZGJjYjBlNTY1Mw==&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:46 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDNlOWIxNzM3MDAzNDI0ZmU0ZGJjYjBlNTY1Mw==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1623373605405093-401
Expires
Fri, 11 Jun 2021 01:06:46 GMT
auto-user-sync
ads.stickyadstv.com/ 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:46 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1623373606628014-96
Expires
Fri, 11 Jun 2021 01:06:46 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=1c214a7d18d3d5727461d1e2c7fc8f2&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1c214a7d18d3d5727461d1e2c7fc8f2&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:47 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:46 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1c214a7d18d3d5727461d1e2c7fc8f2&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1623373606485086-161
Expires
Fri, 11 Jun 2021 01:06:46 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CZ&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=46052&t=1623373606&cip=185.156.174.4&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=4&aafaid=&proto=https&uid=1623373606425-943677653332-008752-015-002268&cha=0.7&stagid=&stplid=&cb=40363733693&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1623373606551&asid=5fb766e909e8a7781132bf27%2C603f38f09b9e2133d66bc06b%2C5f0e87a3db73b9083a397ae5%2C603f3845a58ab3069815987b%2C60113c4787994135422aa996%2C60506bdaaf1c271e961fe515%2C5f310027fc32916fcd7c5765&ofpr=3%2C1%2C%2C1%2C0.8%2C%2C1.5&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CZ&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=46052&t=1623373606&cip=185.156.174.4&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=4&aafaid=&proto=https&uid=1623373606425-943677653332-008752-015-002268&cha=0.7&stagid=&stplid=&cb=40363733693&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=request&cb=1623373606551&asid=60938ff57621683c2c6776a3%2C60802fa7bda96b4f7761daec%2C5ec3ee2e9f7a6030e060c241%2C5e5e346c28a0613c6a54f5b4&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame E2A5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshBUcgoat6KIPH3UFx5enr8x-AONsQpMD_CPRtj9zXhvDLXJimrGqKz3dkpx0KAVD96NTZYPz_-LVGv8myQqtKlg4zvw_9a0VM7UZqx9SMN5YsegYpUvJWpKNsSM0Gzns3Wjb-43AXFuiRaR6_0eSRwrTvLHRTsxkLYYWOamuaAZxsQ92J0xl7GEEqr86njrcyIFJrYC40ZV5RDJ9BEiYinUfMKvk8Sg3edGhbauHJlhrEU31dUGFRUClNvnmJO1rCssveRFFMV-kGIocUfj8sLyACBE4Gv-WZU5q3kbSxbfDuDdFEgor5nT4RVHoRQAs2O-C1jkGiz0ArrKq_&sai=AMfl-YTXEPI62tjoH8d-qaF2ogmi58In46HcjASEWxbUd0NpPsI-03HJOKyCGTo-74x27N0sB2LRcZL0VwmLk-j-DuiD2PKJ1lJpITjK50XZ6PtGUoQPuT60w2Ky3ZWMgb8&sig=Cg0ArKJSzOW20ghIpyRIEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Jun 2021 01:06:46 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 775A 		338 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
afb24970f48d7aae6cc543dfed6a1a3df272e2dea2d013eea31110d83db82a19

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uzwup-dEXM4RLp0PRDTC4QItcRStLlLIfjSNTc8AJw9HxIEEfacPIBn0GpnHnPPzaI6C03yk5utYNuU6Gc-KVQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
97882
last-modified
Wed, 09 Jun 2021 09:42:50 GMT
server
UploadServer
etag
"aec4c9ea027060fcb58f41c810c0c693"
vary
Accept-Encoding
x-goog-hash
crc32c=prPvIw==, md5=rsTJ6gJwYPy1j0HIEMDGkw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1623231770120475
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
97882
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 11 Jun 2021 01:11:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 4EF4 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 11 Jun 2021 00:45:13 GMT
expires
Sat, 11 Jun 2022 00:45:13 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame ED2F 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fbe5b18cc265b48f99162c9eef709b443deef937b546d81666812d9215cdad57
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T1kU363VphxUIa8r+dw1Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

expires
Fri, 11 Jun 2021 01:06:46 GMT
date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-T1kU363VphxUIa8r+dw1Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid
ib.adnxs.com/ut/v3/ 		138 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
60db5803979fb5421405dc7aefa50e13ab40291b930155f3df513858fe530043
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:46 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.119:80
AN-X-Request-Uuid
b0c895d2-0a2d-451e-8710-7af49d3623cf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Fri, 11 Jun 2021 01:06:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c6c70bed7988058d1392f5087760bdd959376ef56d9321a0b2c38fa06ca1b1b9

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.54.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-54-206.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f68f022727f62a1ab9f65add90c9cd182ac485636a913b0a7b2bf373298e3ccd

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
bad.js
core.polyad.net/ 		272 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://core.polyad.net/bad.js
Requested by
Host: s.vnecdn.net
URL: https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.248.227 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
cache_polyad_hcm_249_11 /
Resource Hash
edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy
242-18
date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
last-modified
Thu, 14 Nov 2019 09:38:26 GMT
server
cache_polyad_hcm_249_11
etag
W/"72c42544cf9ad51:b5e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
x-status
HIT
expires
Sat, 12 Jun 2021 01:06:47 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=3&apppkg=&fv=3&proto=https&pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&e=inventory&vi=100&cb=1623373606790
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/3/ 		957 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/3/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&AV_CHANNELID=5d81ed7928a06164620898f0&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=3&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=606790&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1623373606829
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.93.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a5eb51b5d415cb723251bb4fe4632e82437a176a51152f071d3cec99e1ba99df

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 30 May 2021 11:20:06 GMT
Ureka-png--white.png
dmp.urekamedia.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.urekamedia.com/Ureka-png--white.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
125.212.217.46 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
52c93e3062d05ac961d93f0dcb33e826673778109ee29bb1c3ec82e3ccddcde3

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:48 GMT
Last-Modified
Tue, 08 Sep 2020 14:23:45 GMT
Server
nginx/1.10.2
ETag
"5f5793f1-5de9"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24041
Expires
Sun, 11 Jul 2021 01:06:48 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 16BB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D1%26key%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1623373606425-943677653332-008752-015-002268%26biddername%3D1%26key%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106306
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 01:06:46 GMT
vary
Accept-Encoding
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CZ&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=46052&t=1623373606&cip=185.156.174.4&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=4&aafaid=&proto=https&uid=1623373606425-943677653332-008752-015-002268&cha=0.7&stagid=&stplid=&cb=40363733693&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=bid&cb=1623373606853&asid=60938ff57621683c2c6776a3%2C60802fa7bda96b4f7761daec%2C5e5e346c28a0613c6a54f5b4&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
o2shim
acds.prod.vidible.tv/ Frame CFCA 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=37f97838-3f30-434f-95bc-cfccb3fc42e3&pblob=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-94-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
419c28a2c1d6b35d0fc6ffbe2b6632bcd02e01b79be1cfa3ea624d17b7ab773a

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
access-control-max-age
3600
access-control-allow-methods
POST, GET, HEAD, PUT, PATCH, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
content-length
6630
syncuser
adp.vnecdn.net/ 		110 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adp.vnecdn.net/syncuser?fosp_aid=fxuh9ku3npevl2ct.1623373603.des&orig_aid=fxuh9ku3npevl2ct.1623373603.des&myvne_user_id=0
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9f04075a8f74c386680f9f68ddfa07f4d237f2d12453e5b438adefaac9f8d1fd

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Fri, 11 Jun 2021 08:06:47 GMT
Server
nginx/1.12.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vnexpress.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0C25 		338 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118262
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:46 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5CC7 		338 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118262
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:46 GMT
6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
pagead2.googlesyndication.com/bg/ Frame 4EF4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 19:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5749
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jun 2022 19:55:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 17B2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRzBv1m31fYHiGcKaQwGGRjlvQwgrLXDGtyrUqRmQ9-h5zAaIL-E4L4vz_avPyyyFsew_X9Z3HBFFG9XMik7-YChtcGNOwIZF_ifGVygUtfOfJd3Z-PhfacmoyPw&sai=AMfl-YTivkp2bbpQxp6oKexaQb22YLIFwGe8XcjkmU1MQLy2ZmzH40byDre8uNTukEPDqkJXTz5XdSwkmWl5vDe9s_4b_icQH54M0V7uR6H20oERQ-XdqXNjIBUngv_O6ew&sig=Cg0ArKJSzIvXdCCGU8h7EAE&cid=CAASPeRoFMIRNeTqN550rrVMryde5mwtRwc2izitPwHuUx5Bo-oPhaCQJzFGEFUNtRhuROg7SVXbf8eqLJoBNmU&id=ampim&o=1050,391&d=300,500&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=175&tls=1187&g=100&h=100&tt=1187&r=v&avms=ampa&adk=1680299014
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 16BB 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99389815&p=157742&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:45 GMT
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CAF9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0U8qKAjdqRMoHEEjnOuW_A9Xqv3Aof1BBnv37OJ6lPxchYJkjeIs5dsPSj_77djpPX09I-OSz90i0WW_2dKchM12puX7U7b9G1kO6EITTIhQL7wqYEStxTJRurw&sai=AMfl-YQiPInTfqw8jSOxABiIIV09l6WvdLI5FAaZP1ijZ1w9CfYCOhfgzSuCZewfETO7QiTqougQofZMoPMlptSlR61km85cdQF5TEf41EDXMaLtqJ-GQKLgV0KUWdcRbzg&sig=Cg0ArKJSzPrCqoElxq8HEAE&cid=CAASPeRoMA33gmHMPRRD_atmOSkUvI3TuPPg1uq81SvX6wgCIvynV10TyNk4nWpxn7svVHsisToWRfc_ib1hO4M&id=lidar2&mcvt=1042&p=10,0,260,1600&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20210609&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1832943895&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623373605646&dlt=67&rpt=15&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.464.0_en.html
imasdk.googleapis.com/js/core/ Frame E8ED 		575 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9d5e09558279565ec0682c25b6e19e7ba308333de0d5f4b50ca21e8dc6ce83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.464.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192661
date
Tue, 08 Jun 2021 21:37:53 GMT
expires
Wed, 08 Jun 2022 21:37:53 GMT
last-modified
Tue, 08 Jun 2021 16:24:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
185334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 5CC7 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:47 GMT
integrator.js
adservice.google.com/adsid/ Frame 5CC7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Ureka_Supply_vnexpress.net_Outstream_passback_Avantics.js
bd.urekamedia.com/publishers/code/vnexpress.net/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Outstream_passback_Avantics.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:593f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12927b85c095cc89c174883aa90c0237337f596166dd9ba33753bcb8d1d0bbf

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
402430
cf-polished
origSize=6391
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a3488fc00001f19b2a4a000000001
last-modified
Tue, 13 Oct 2020 03:07:11 GMT
server
cloudflare
etag
W/"5f8519df-18f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yNA3Wy0m7FHbTI8%2Flu0HatDE%2Bo8TCY%2BuanJ4FSHGBh9k48uDF9L6WAsm8Q2mwcQ2Xt2tqTZ3R22gCa%2BqoMsLa1yAeQEXzF2dXdTTABq7KfSs%2FhxspjTPL6gPv0DqJ2BEsYNToFcJDbz9kMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
65d6f054cace1f19-FRA
expires
Tue, 06 Jul 2021 09:19:37 GMT
bridge3.464.0_en.html
imasdk.googleapis.com/js/core/ Frame 9527 		575 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9d5e09558279565ec0682c25b6e19e7ba308333de0d5f4b50ca21e8dc6ce83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.464.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192661
date
Tue, 08 Jun 2021 21:37:53 GMT
expires
Wed, 08 Jun 2022 21:37:53 GMT
last-modified
Tue, 08 Jun 2021 16:24:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
185334
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0C25 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:47 GMT
integrator.js
adservice.google.com/adsid/ Frame 0C25 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
0.js
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame CFCA 		317 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Requested by
Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=37f97838-3f30-434f-95bc-cfccb3fc42e3&pblob=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 09 Jun 2021 08:11:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147339
x-amz-server-side-encryption
AES256
x-amz-storage-class
STANDARD_IA
vary
Accept-Encoding
content-length
104243
x-amz-id-2
txMJCt/5UHwRZt3lTIvVzsaCqBUQHKW9Thy4NTXQuuHm/GEhlZEenwNxj8HNhqupi0WRlNq0v94=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Mar 2021 05:09:03 GMT
server
ATS
etag
"ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-request-id
X4KQ8TY2NFWNNHXV
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
x-amz-version-id
null
accept-ranges
bytes
content-type
application/javascript
impression.gif
trk.vidible.tv/trk/ Frame CFCA 		43 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59ae8acf7cdce04271395139&s=true&pv=10.2.63&ifr=true&cb=0.0206601701811846&pt=o2unit&sid=2c3c51e4-8b70-468c-aac7-37991866c352&r=https%3A%2F%2Fvnexpress.net%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
content-type
image/gif
content-length
43
expires
Fri, 11 Jun 2021 01:06:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6AE9 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 11 Jun 2021 01:59:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8CC1 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bd.urekamedia.com
URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Outstream_passback_Avantics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
07bcfbebdba3f802bc9489847c3334fd5269b753d2390c9ff67e022c68255464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"899 / 33 of 1000 / last-modified: 1623363054"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21344
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:47 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FD45 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 11 Jun 2021 01:59:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060701&jk=2196795129091666&bg=!xMelx4PNAAY6sG-_OrA7ACkAdvg8Wq_nPoK8QOZSNdQROvNK8aQp6I3buwZrZV_S5S1i0PTDpqI7PAIAAAHsUgAAADxoAQeZAmrIN74aAbmhbCMC7yX-gMIwSJoNVK6iRulBIVk_SB96D8yNeXfVD1TpYl2pVHMFVL_IAqF6Yfmc8hh04H5YNaAPxN68of-BXc8LPHYMajCXHTw9BWDGM_i_jK3Fn29SBVMCQHbBjJqZo7ZBLzeQpqM4TpoQ0w6niVR7Jt-MUejjk3ntcfLgrgfgU37dPSnbkkIaPx_d1KdXtGpD0-TthTDVSiZJNI5eQY-u4KJQchYvCIKjam1yR9wjKHxrtt_L-qI1RGEP_AQ8fWWAdovkxb46HYbdRr-Kx4U14KAI77znxKIoOU6ppF7abHOLIujYMRO-MYv7Ks_O2sp4J_xCd9aROY36lHgx4kBjDFQlAp-bezOtXVkLquMP2kutVLAjEF4eRqHBCDLXVexU5aCvvMPGHMqJk_HAwt6EL3iWx_UWsnk0_l_FCvoJBmid2vWXv51MurbKtLUTrkU7t1s7ZRQn-t4b1wVCIVkVqgVT4EwzQTuMKCCwILQQoYggP5Nj9RfWkZfveCPEpewFukxrY28piTsoSkOdwbH5auTrcJe234muULATsoDxVcjkyQAv-F69YtG_2SIhwplmRCmvtvCDPxLXc5ZOicVFV67gzvyFXDCdynGxMcU8bTBWpFCSWEIKrxYZsZ-jPrV11fIlwubeHI0_REZo9nAb8Ia4x9CvHWHCeN4SjxWYzj0GBtAw8-qk6c-ixnl1aH1LlOdkCwWJpW_ui4ZipD5PTxxTgBGefXmXgjCdhLlX83PmdHeN0q4-5o-7iikx6k1TAfqEYM8OvQBVuaiOax8jvOtWRYMuupkRQYum-v6pIcA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
moatapi.js
z.moatads.com/aolvidibleapi29384728347/ 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by
Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 18:37:38 GMT
server
AmazonS3
x-amz-request-id
844FF664DE0AB17A
etag
"d678022569896f7b7293494e3a69c8c7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56228
accept-ranges
bytes
content-length
44266
x-amz-id-2
KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=
local-storage.html
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame B50F 		2 KB
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn-ssl.vidible.tv
:scheme
https
:path
/prod/player/ad-time/local-storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

x-amz-id-2
3dNKcdVZTMeXjaZpIedgvgHwXJzMS7x9l7kOzPuzpOXHi+mV4AnTBHrXhOIF0x/kfWJDMQoRm+8=
x-amz-request-id
ATY663V0W6BNTT4C
date
Thu, 03 Jun 2021 14:51:26 GMT
last-modified
Wed, 19 Feb 2020 12:29:18 GMT
etag
"3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption
AES256
x-amz-version-id
null
accept-ranges
bytes
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade
cache-control
max-age=1209600
age
641722
ats-carp-promotion
1
access-control-allow-methods
GET
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
content-length
557
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
0SzYvAqqJfH4Pvhp5l0RGQ==
ads.adaptv.advertising.com/a/h/ Frame CFCA 		0
0
display.gif
trk.vidible.tv/trk/ Frame CFCA 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/display.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=2c3c51e4-8b70-468c-aac7-37991866c352&vvuid=b8c8be31-4c27-4dd1-80cd-6ee0025edef2&orgId=23089&plcid=1245982&vrid=37f97838-3f30-434f-95bc-cfccb3fc42e3&ab=0&dt=139&h=225&spaceid=793604934&w=400&cb=0.8845143418605954
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
content-type
image/gif
content-length
43
expires
Fri, 11 Jun 2021 01:06:47 GMT
ad-request.gif
trk.vidible.tv/trk/ Frame CFCA 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-request.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=2c3c51e4-8b70-468c-aac7-37991866c352&vvuid=b8c8be31-4c27-4dd1-80cd-6ee0025edef2&orgId=23089&plcid=1245982&vrid=37f97838-3f30-434f-95bc-cfccb3fc42e3&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.11402862257337554
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
content-type
image/gif
content-length
43
expires
Fri, 11 Jun 2021 01:06:47 GMT
ad-engine-request.gif
trk.vidible.tv/trk/ Frame CFCA 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=2c3c51e4-8b70-468c-aac7-37991866c352&vvuid=b8c8be31-4c27-4dd1-80cd-6ee0025edef2&orgId=23089&plcid=1245982&vrid=37f97838-3f30-434f-95bc-cfccb3fc42e3&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=225&cb=0.30074998160670097
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
content-type
image/gif
content-length
43
expires
Fri, 11 Jun 2021 01:06:47 GMT
usync.html
eus.rubiconproject.com/ Frame FC8D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vnexpress.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 11 Jun 2021 01:06:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0968 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106305
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 01:06:47 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7486 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vnexpress.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
anj=dTM7k!M4/8CxrEQF']wIg2E?chM@rZ!@wnf-Te9(>wL5L!!'E]$`161; icu=ChgIuKdzEAoYASABKAEwpu6KhgY4AUABSAEQpu6KhgYYAA..; uuid2=8957257764456227477
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 07 Jun 2021 05:03:25 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 11 Jun 2021 01:06:47 GMT
Age
73785
X-Served-By
cache-lga21963-LGA, cache-fra19122-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 418705
X-Timer
S1623373607.482647,VS0,VE0
Vary
Accept-Encoding
pubads_impl_2021060301.js
securepubads.g.doubleclick.net/gpt/ Frame 8CC1 		312 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 08:37:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112073
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:47 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1623373607647&de=799471057829&d=240%3A-%3A-%3A-&bo=vnexpress.net&bd=vnexpress.net&f=0&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Jun 2021 01:06:47 GMT
integrator.js
adservice.google.cz/adsid/ Frame 8CC1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.cz/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8CC1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8CC1 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3078083063543811&correlator=4113757175692609&output=ldjh&impl=fif&eid=31061039%2C31061357%2C31061423&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210611&iu_parts=2627062%2CUreka_Supply_vnexpress.net_Outstream_passback_Avantics_3102019&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D2c064322724f0633-22d809655dc8009b%3AT%3D1623373606%3AS%3DALNI_Mbh-e6rZwalq0SZo7K1_dL8jdjNEQ&cdm=vnexpress.net&bc=31&abxe=1&lmt=1623373607&dt=1623373607656&dlt=1623373607264&idt=387&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=985706536&ucis=e19q19g7pobx&ifi=1&ifk=901199412&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=687983483.1623373608&ga_sid=1623373608&ga_hid=1157883834&ga_fc=false&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8e243c93e05650e30b9a0452a43e0a2a36010ccffa590c96c2917a2f518e715c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4223
x-xss-protection
0
google-lineitem-id
5270339472
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138300419813
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cc5b498521e182e8f0b783e0dc349d2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8CC1 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cc5b498521e182e8f0b783e0dc349d2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame E8ED 		0
0
async_usersync
ib.adnxs.com/ Frame 7486 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:47 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid
2877fc94-5cff-4911-8006-6baf4ac8d417
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame FC8D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:12:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30407
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Fri, 11 Jun 2021 09:33:34 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9527 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8767 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060301&jk=487458167947544&bg=!m5ilmNzNAAY6sG-_OrA7ACkAdvg8WuqOnImPSWhmWOSczQavL416LBp3qauz9arFirTqzzay7WPQRwIAAAHmUgAAAGJoAQeZAoUYpArKALELdu9h-pRee0qUhDITp9kuUgD1uPxFOkeyQ5rkdPpnx3gKPthFXaF6soj1rSnPlIVObWM6YOpUrJDG0BByd4wlars8FpKbtYTQRQdN6vYDcHooxsdt_qdV5bKt64bQ4PGKAlP395ZBaJDCu9v79iG5ZnHWbiRXfjM53uAlbxXjl_ZuE8tC1yl72lJ2wN1cbNqAUf7IGcEofa3XK4rhSLt6VJxwVdjlhtX2L0szBDFQOn66_TKwK1wtAgEwitu-11s_6cV5PED4HoUiw54nDzmXwM5hn-LSkwdkBXsR1TISxeo_KI1DI3N5JCPlGMDRbbGa9rDMyVaJqweG2hcyQkSHnQZ5hB6dWMQDj4bb-Vm1bibdCUVoQ88nMhq5j3RQOlEG0k_h8i63gbRuSHkS-RHh6UdY46YloAmnRxyMT2m7HNfO_jBvBN8KjUrvA5EOa7KgW9wJniRj3zdpr46NTmwZHyfhOVANv5Uja4JVaWOXhUQlNFLk0a613p3dIDC5fYF_v8cbrdxzSRd7etcKars8p5zuB2BtlCfTq6wvjD5rQVbEn32yM8FT_QQ2W10s_oSDu8Ff1lyhKi0YqPdiJNss3M8j8zr63IBL_-apyVKSxGpXX9Z582e9tRhu3o4Gh4Lmyc8w85GWt8jiNknxBRUUOlmU9l8m8-GQFa9B0iqwXJUOGMuDjLVBsmsb0OFShsRuwUZIwt-DJQnE6nfPGWd6Vc2ehTOAvBaE_BMXDOr2UeoSRgZSMo7gc-nUHPep5M7IFy3nX1T_M6YLcroZqsjTqYTM8h9GQWUJ5yVXk2Pt4Gh_bi8G30P7vRLemt8BCiAQL56vRgRsx35sBQ5L5oA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame FC8D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
view
securepubads.g.doubleclick.net/pcs/ Frame 05EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF2L5bqG48CIa7L5UE6bx3AdC_lyTaPaLG3-YYZeP2zqoj_Rr3mPqLeW-Byk-M19q2ZDtmOqsuEtbOed0d_vBiRqc4t1sj2rMdYhIJp5ablwPFTczPDHHZxsU-Hp5IOMFyEfbGyLaE3dK6AP7N4Lo45Auet5eDeF2at4ZEjZYqC5PUKbkhhMO81vvph5TQvZVpLFOAel_iJrpOfQqGu4J-S-zBHMstIww_01oNgvYod9vjHsSvJvl8hD7hIWJXwgg3QVaixL2QfHjAwvw0iiou0pWiY2JMAKo8j9Ei6ZhiG987FNRow6G1bWPhdxZk2qwHnAnuyxTs8Nx_ZGBvjtlBOSj1ieotCkSYLF8z2A&sig=Cg0ArKJSzIN0o_frp2BXEAE&urlfix=1&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vdo.ai.js
a.vdo.ai/core/vnexpress/ Frame 05EA 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/vnexpress/vdo.ai.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.30
Resource Hash
ac343b25f7d83b692cef6d00c10063585d5ce700dc20732ced701de9d643b043

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
397
x-powered-by
PHP/7.2.30
x-cache
MISS
vdo-server
Tag3
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a348bb300004e798698e000000001
content-type
text/javascript;charset=UTF-8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FSMjweLPz4Mpi%2FcP2rEFtuO6Id%2FBlJ%2Fc2NJKFc88w2TOXgDSK2F7NzEzyxccVmv4U44Gpx6wp0TCbe2025epZ%2Fob5c%2BpRaRIfuCNtZjMGbR2O9Pax6pQSE8qUKSdiGBATi0%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
344611
access-control-allow-credentials
true
cf-ray
65d6f0591e544e79-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 05EA 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263560240521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:47 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8CC1 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623263566164500"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28162
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8CC1 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
510b0974ca6692dc3a22902492bd0913c7b201d63bff9c35f5099ea74a018219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7908
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8CC1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622653785071769"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:47 GMT
js
www.googletagmanager.com/gtag/ Frame 05EA 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-33
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/vnexpress/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5018d4b7000cc685a9a98a4b4ff1b1c60c365718bc9d839215373d78be23b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36039
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 01:06:47 GMT
vdo.min.js
a.vdo.ai/core/dependencies_hbv4/ 		353 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/vnexpress/vdo.ai.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc5b6285200a4ad876a007b56df59a28638bc6462711033260101d5184f6bc8

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
399
cf-ray
65d6f059790e4eaf-FRA
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a348bef00004eaffa02d000000001
last-modified
Thu, 10 Jun 2021 20:09:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4q2s48AgCKIM%2FBpX0aw5TjQCIjcftHPWcIzRL4Ek6a4KIoZgbjJ00q8VwGtxoHuq3anujfcJmCcmJpafIKQy%2BSBTsnQhV7u4F%2Fq%2B3hRdSSMPFUv0F2xCxwg3C%2F6Eeh67snc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
970237 599772
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		338 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/vnexpress/vdo.ai.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118262
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 1E6E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/223/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 11 Jun 2021 00:45:13 GMT
expires
Sat, 11 Jun 2022 00:45:13 GMT
last-modified
Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1294
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7F3C 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b290faf8254387bdc79ff5096d2e13ab4420efb6f4b369325caed85fdd70543c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NdQA0DpX99cDQxP5RltO+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

expires
Fri, 11 Jun 2021 01:06:47 GMT
date
Fri, 11 Jun 2021 01:06:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-NdQA0DpX99cDQxP5RltO+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
pagead2.googlesyndication.com/bg/ Frame 1E6E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 19:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
18697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5749
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jun 2022 19:55:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 05EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfEhQLRi3uYbvOYPNhlKWBlhNVq2FDm8gwlgupane56Z0ZFQvqtMU09pzJANt78XWgqzAAcbTFCLF3KHJjR9JSolbd3rwwc9U5RkW6Tw2Vlq3sKLjwF3lctLBD9s7YZLtFmslG1W97kzort-YDv4E-dxhVKJXBk0PhGzoJv3BdFJqf_mYD7i8nv-sfp0q_I39VpfAtjJpwo85IYYfMzLJFng-U7SLpOJo0QGwaJ0HLfViEpWxFrFz2d6xqOPaxz1fdNAl-E8QGDekq4PIL3L8b9FIbJ_6YJ-k1Ro4Ppwdhjjy9I_IWR1IP97tQgB3X5yLxutafVyFCYXgQkJ-pjxYTCwv0V0Ju2ED7Ry1q-oRH&sig=Cg0ArKJSzJMu4ukXQ2TjEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Jun 2021 01:06:47 GMT
analytics.js
www.google-analytics.com/ Frame 05EA 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-33
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3966
date
Fri, 11 Jun 2021 00:00:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 11 Jun 2021 02:00:41 GMT
collect
www.google-analytics.com/j/ Frame 05EA 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1296600952&t=event&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=vdoaijs&ea=loaded&el=vnexpress&_u=YEBAAUABAAAAAC~&jid=1739853747&gjid=766449422&cid=34183821.1623373608&tid=UA-113932176-33&_gid=1932844818.1623373608&_r=1&gtm=2ou690&z=249816257
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-33
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f5c37d4957cd70f74f9db7b782be34909970e433bf4d2eb85d97b04bb89e88c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36039
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 01:06:48 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-33&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbeab631703e1b23d7decf6db30a400d75bf9e828200079453fe68ea0b7cbfda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36072
x-xss-protection
0
last-modified
Fri, 11 Jun 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Jun 2021 01:06:48 GMT
allowed_url.php
targeting.vdo.ai/ 		99 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.vdo.ai/allowed_url.php?type=json&url=vnexpress.net%2F&tag=vnexpress&domain=vnexpress.net
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ace966726add1583567ab2520409b8f0518c16bda739e5e736450a02c1458d

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bcpEFQoWtXYt8WSTg7tCeOeI1Fi786PyM8eYkXlmkczYbSTUQHvbewtbYUlfVapiZGVCUP1pBghcf1kFha4gO4V7J2odzwjX5S4brfn3mR7vcquV%2FxP2jJiTWr2ubFu5oCjO0wtADpyUBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
65d6f05a7e8c05bb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a348c88000005bbce39c000000001
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 11 Jun 2021 01:06:48 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 11 Jun 2021 01:06:48 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
vdo.player.js
a.vdo.ai/core/assets/ 		575 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/assets/vdo.player.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3d3d99ec2d1da823e792b3024b24ae723c89a29d46d9cffe4b1d4ba935c0da

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
398
cf-ray
65d6f05b2abc4eaf-FRA
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a348cf700004eaf53bc9000000001
last-modified
Mon, 14 Sep 2020 22:24:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hDr9Yu%2BFphddzd2MvQPq8Zo0u0OV3yDVBo5e1CxQZNaLVK8B%2FwJpaxJWzvbWsBQAlp5Kcd9Hk8DE0V%2B7drymF2qOXK6QomgmMD1RkRH66xUXGJkWBkzVlywrOYpyU%2FCQg5I%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
970342 599792
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
rtb.js
a.vdo.ai/core/assets/ 		404 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.vdo.ai/core/assets/rtb.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa643a5b66acbe2786ef53b666e30d03dc07944b8bbb2aa1a19a7b55c81f0691

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
398
cf-ray
65d6f05b2abe4eaf-FRA
x-cache
HIT
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a348cf700004eaf34b9c000000001
last-modified
Thu, 03 Jun 2021 08:38:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dYz%2BgHyJeOzleYIrLSynXqcDDQ0DEsRnTb6xmCaTzSmcf2TQr%2BxfrIUETvauHR7gDLTWY2qBZnZyyq1onvuxRiU3s%2FU2N94kiNuR%2Fg7o9GwfLwMb%2BP3KHe6LrXqhXjuvjYw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
602342 280127
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-33
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3967
date
Fri, 11 Jun 2021 00:00:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 11 Jun 2021 02:00:41 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1810308553&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADQAAAAE~&jid=&gjid=&cid=34183821.1623373608&tid=UA-113932176-33&_gid=1932844818.1623373608&gtm=2ou690&z=1174836785
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17015
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1810308553&t=event&_s=2&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=vnexpress&_u=aGDAAUADQAAAAE~&jid=&gjid=&cid=34183821.1623373608&tid=UA-113932176-33&_gid=1932844818.1623373608&gtm=2ou690&z=376415243
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17015
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1810308553&t=event&_s=3&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=banner_blocked_size&el=vnexpress&_u=aGDAAUADQAAAAE~&jid=&gjid=&cid=34183821.1623373608&tid=UA-113932176-33&_gid=1932844818.1623373608&gtm=2ou690&z=1072122523
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17015
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7BE5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106304
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 01:06:48 GMT
vary
Accept-Encoding
load-cookie.html
user-sync.adxpremium.services/ Frame F854 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method
GET
:authority
user-sync.adxpremium.services
:scheme
https
:path
/load-cookie.html?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
expires
0
last-modified
Fri, 26 Feb 2021 09:17:16 GMT
pragma
no-cache
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
0a9a348d2b0000d70d5c9ae000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y%2BTyfFCgGWIIrJlUan20osdLTB8SOTpDLhDrMBwNUf%2FONysDJuFM6mlJsgrNvC8tKSnFD2JLy8tTJCbjdJ6lLhfEvWf4gowjVyhIdWe3Fly3VlLPTsGpPdHIz6F76JAd5%2BjgpdLe8JRRCEAgiik%2BltrPk7dIBpk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65d6f05b7c11d70d-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6292 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vnexpress.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
anj=dTM7k!M4/8CxrEQF']wIg2E?chM@rZ!@wnf-Te9(>wL5L!!'E]$`161; icu=ChgIuKdzEAoYASABKAEwpu6KhgY4AUABSAEQpu6KhgYYAA..; uuid2=8957257764456227477
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 07 Jun 2021 05:03:25 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 11 Jun 2021 01:06:48 GMT
Age
73786
X-Served-By
cache-lga21963-LGA, cache-fra19122-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 418707
X-Timer
S1623373608.247339,VS0,VE0
Vary
Accept-Encoding
index.html
ads.adpone.com/ Frame FAB1
Redirect Chain
  • https://eu-ads.adpone.com/
  • https://ads.adpone.com/index.html
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adpone.com/index.html
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f377c3555535581c28d43c044f2b5395b53273142b865b7f1e1fc0dc4e17c9

Request headers

:method
GET
:authority
ads.adpone.com
:scheme
https
:path
/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
content-type
text/html
x-amz-id-2
ffNP83VIKXmhy78dH5AfxJsP78NkOVMAJ5aS/W8TyRzhyAp58CijN5XxqbbGbvNxCOoG+Gy+iVI=
x-amz-request-id
6PQV8S5JDMSPZ4FZ
last-modified
Tue, 24 Mar 2020 15:22:42 GMT
cf-cache-status
DYNAMIC
cf-request-id
0a9a348d4200004e4a83931000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JPmLw%2Fm2fgvyOEUOS0w4tSwD%2BSuqBsSQtFu4tw1UL7xvYzzzdq74r4InU77pdtvvyIP0fGqT4EMLRjZzfGyD%2FjoWluh36PKYa%2BHcD75ICwhNpFMfyxNMrBTyGDS1U8zJA95X9EVjcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65d6f05b9c4f4e4a-FRA
content-encoding
br

Redirect headers

date
Fri, 11 Jun 2021 01:06:48 GMT
cache-control
max-age=3600
expires
Fri, 11 Jun 2021 02:06:48 GMT
location
https://ads.adpone.com/index.html
cf-request-id
0a9a348d2b00004e4a7b892000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NMo4iNduVf0sR6mbxIv3v2PzUXdB6TAMmdGdvK3dVwwGFE61mfEn4y23mSL%2BEy%2FctjKrhqFJAs8KQRbU85gkYxnS7zry0RwJ86m4pfxceyOPaULTmDsUZO67d1CgHfVW3DvfpV9G3LHjXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
65d6f05b7c094e4a-FRA
pd
u.openx.net/w/1.0/ Frame 06CD
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://u.openx.net/w/1.0/pd?cc=1
668 B
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?cc=1
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
fccf89e81758062302f831090978d5a9617276eba4655e7d55e8304d09a7790e

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=140d6a62-ec6f-4e9f-beb8-02b4c3a06ec3|1623373608
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=140d6a62-ec6f-4e9f-beb8-02b4c3a06ec3|1623373608; Version=1; Expires=Sat, 11-Jun-2022 01:06:48 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623373608|gekin0vNiygu; Version=1; Expires=Sat, 26-Jun-2021 01:06:48 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Jun 2021 01:06:48 GMT
content-type
text/html
content-length
419
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=140d6a62-ec6f-4e9f-beb8-02b4c3a06ec3|1623373608; Version=1; Expires=Sat, 11-Jun-2022 01:06:48 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/pd?cc=1
date
Fri, 11 Jun 2021 01:06:48 GMT
content-length
0
via
1.1 google
alt-svc
clear
fbde91a6-2158-4023-a1f3-85faab07ec94
https://vnexpress.net/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://vnexpress.net/fbde91a6-2158-4023-a1f3-85faab07ec94
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
161466572356603dd7fb31a1a.m3u8
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.m3u8
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:48 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
161466572356603dd7fb31a1a.m3u8
h.vdo.ai/uploads/videos/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.m3u8
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
29bdfdc0a7ced1bb9fe2ef4ef8ed398fda68230e32ce738ca2dbf4b62d0b7545

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
vdoai
true

Response headers

Date
Fri, 11 Jun 2021 01:06:48 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
ETag
"603dd840-2703"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9987
e0d77bea-99ce-469a-9392-271f66d9d922
https://vnexpress.net/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://vnexpress.net/e0d77bea-99ce-469a-9392-271f66d9d922
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5409
Content-Type
application/javascript
bridge3.464.0_en.html
imasdk.googleapis.com/js/core/ Frame E636 		575 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9d5e09558279565ec0682c25b6e19e7ba308333de0d5f4b50ca21e8dc6ce83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.464.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192661
date
Tue, 08 Jun 2021 21:37:53 GMT
expires
Wed, 08 Jun 2022 21:37:53 GMT
last-modified
Tue, 08 Jun 2021 16:24:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
185335
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 11 Jun 2021 01:06:48 GMT
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 11 Jun 2021 01:06:48 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logo.svg
a.vdo.ai/core/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vdo.ai/core/assets/img/logo.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
397
x-cache
HIT
content-type
image/svg+xml
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a348dca00004eaf03bca000000001
last-modified
Mon, 02 Mar 2020 08:12:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hThIAnf6NfjMVGNksTOFWLSUU02aNKpehwfehLIcMLMO5NxxzA426LHFZ3iFMXblr413I9yXvPOM4M5NYTdVtaSskMAm0%2FFvaVRl%2FRo%2FhMLU8SN2BRRXx5S5bKs7Ejz6%2FEY%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
970393 599775
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
65d6f05c7c214eaf-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
async_usersync
ib.adnxs.com/ Frame 6292 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:48 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.51:80
AN-X-Request-Uuid
5dc6c8db-a948-460b-9be4-c9ac202a6c41
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_sync
user-sync.adxpremium.services/ Frame F854 		2 KB
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/cookie_sync
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d

Request headers

Referer
https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a9a348f180000d70dfe838000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cWHlOgT2qaG6Q4kg8d%2B4LLXJ0%2BTLfp3dB%2F0R8xZ9zuiTkGrb5bWnXjwYfRGRpA51pxEh1sEzdinHTbbdfu4K%2F0FxS86mZj59DDzh2NyaYZWVMD7jtdrmSJ5JZ8C5%2BrJGUTrOo9F2wUJ2EDTzvP9qcZw0l18aEyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://user-sync.adxpremium.services
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
65d6f05e8f3bd70d-FRA
expires
0
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 11 Jun 2021 01:06:48 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 11 Jun 2021 01:06:48 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 11 Jun 2021 01:06:48 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1810308553&t=event&_s=4&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=vnexpress&_u=aGDAAUADQAAAAE~&jid=&gjid=&cid=34183821.1623373608&tid=UA-113932176-33&_gid=1932844818.1623373608&gtm=2ou690&z=1663392775
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17015
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1810308553&t=event&_s=5&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=vnexpress&_u=aGDAAUADQAAAAE~&jid=&gjid=&cid=34183821.1623373608&tid=UA-113932176-33&_gid=1932844818.1623373608&gtm=2ou690&z=1690636923
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17015
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1810308553&t=event&_s=6&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=vnexpress&_u=aGDAAUADQAAAAE~&jid=&gjid=&cid=34183821.1623373608&tid=UA-113932176-33&_gid=1932844818.1623373608&gtm=2ou690&z=862998534
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Jun 2021 20:23:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17015
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6785 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 00:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 11 Jun 2021 01:59:23 GMT
sd
eu-u.openx.net/w/1.0/ Frame 06CD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8e0160c2-b727-4200-9f59-63eef7ed5593
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8e0160c2-b727-4200-9f59-63eef7ed5593
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 11 Jun 2021 01:06:40 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8e0160c2-b727-4200-9f59-63eef7ed5593
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Jun 2021 01:06:39 GMT
sd
us-u.openx.net/w/1.0/ Frame 06CD
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=slcNFOZQXB6pUA8VtlFDH7RVV0WpBVZC4lEshr7T
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=slcNFOZQXB6pUA8VtlFDH7RVV0WpBVZC4lEshr7T
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=slcNFOZQXB6pUA8VtlFDH7RVV0WpBVZC4lEshr7T
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 06CD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5386584769435822460
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5386584769435822460
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5386584769435822460
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 06CD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c7a1553b-45e8-7168-e46e-ca5ca7875d3e&gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 06CD 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWJjZTg2ZjEtOGM5Zi0yZmNjLWYxOGUtOTBlNTZkNjU5MzVl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 06CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqJJpY-8XgSHntnaXO2Msg&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqJJpY-8XgSHntnaXO2Msg&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHqJJpY-8XgSHntnaXO2Msg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CC1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060301&jk=3078083063543811&bg=!cXKlcjbNAAY6sG-_OrA7ACkAdvg8Wv1K7ShNAJz2Z2CLcqivOHKhHFgEpb_LqczqNB7pwn5Yn-cVugIAAAIBUgAAABloAQcKAEg5Qn9HLVig5XnGocK6ZgRVtLGTZXhtPI6qnKypz4gFRkC7s_P4-F1WA9rAEKqiDRNaFTXFzAHkBnFd-Lc_i_LmY7ZLzXYsp8GZAoZp2We_ItxSXqRdqWg3feWshQpb9t1l27-lzOBPMLiizoHnSHRvfS2Ah75ZPtFasv3RaL8Wp2xlGqz_q4IvuaZ7UjtbfVW-IgxDAq6gYcJhrKX6ru3B-rayOEwfyzEtE_oIQwz8sijD2Kp6_ko3dU_6-I8SV4MCUK3LjA_QVjbgmLes0aU5qZlj7pucwHtj3f9AcV-3hjCIQa4hDN-WcTDZ8yawkVNRC3gX4iuyxqKmSGwvWP4ebxpI-ZnBcK-LFtLeKzuv4Z0Tqm4hY-PdIDfqx-p7E2XpSile2nOn0JH6G1D514lJbNQBwPJ4obaCI4xJG7pjrk2bEGGlrWQFMEZLKZVmV8Q3Fel1xtOOzc6CG_frntDkS_N5jZwqKDWjuwR-fVg0xim1_DSVmEkAEZhngtAFdtGp9_4WtbKeldRwErVmZeIoOimoN8uBhDI7LsUDxSX4883wMgOBk7WnhlQ8SOSjxdAV5611347YZbtsZHzgqsques2zGB57ClLZm39HeUahlsFgmRdro-iY651c87eIYfVAyJaaxTUiEwGiTC-x5IUUaOod-XCZAbcNgXgGWJxaq_AzS-rOUfoVM55PobDBZcb8Zlp5COhTeSJYpEKEs8xFggEkX8b0dHBrwABe0YFlJozkkMwr7OtkCx3m8-vOU1t3dU4DufmUk-o1TBHSFKwJPsSP9dLl-gPmKEvmBV_y-SIXODr1QhiwafpciQWW1mgwkqLOLRDgglFQmGAgn1m_mVr-6pFh1NjurY0gd8LmpzMIA-w1RnRpQUyWjUwyZF_77PsJX6Ku4Ab6SaQv05Fg_cc4BPniU6zZIpwmSnhBZhi3sYr1-ILEaj96Eol5zaje
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7486 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:48 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.234:80
AN-X-Request-Uuid
cecec863-32e2-4390-8054-81584141ca19
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.html
s.adtelligent.com/ Frame E054 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=601760
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
VertaMedia 1.0
Date
Fri, 11 Jun 2021 01:06:48 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
736
Access-Control-Allow-Origin
https://user-sync.adxpremium.services
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame E054
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=fe7fdaf4-fc77-4281-8fe2-0a4926dc9fb3
86 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=fe7fdaf4-fc77-4281-8fe2-0a4926dc9fb3
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:48 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=fe7fdaf4-fc77-4281-8fe2-0a4926dc9fb3
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
og5dh184cjpu537m0fijpokemjfnovdc
csync
sync.adtelligent.com/ Frame E054
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8957257764456227477
86 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8957257764456227477
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:48 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid
0e3f902f-7b86-46c6-9800-7d908dec4c3e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8957257764456227477
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
rtb.adxpremium.services/ Frame E054
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
  • https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=b176b99e3a530a6d
0
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=b176b99e3a530a6d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:49 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JAo3isxnm0WMMg9VXY4FBj%2FUshaZtjK%2BR8zTTwlfN%2FPK4RrUB9CHctrOXGynTN0t7ZQUJMA5aJgZE4i5I1PbUZQVmRfxANl9h4jPb4W%2B64RvU6fblSVTnPp8C2Ee%2BkI9sWBpHGxRoLmZDYKpKSb0yl0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
65d6f0627a68d70d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9a34918a0000d70de584d000000001
expires
0

Redirect headers

Location
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=b176b99e3a530a6d
Date
Fri, 11 Jun 2021 01:06:48 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
ee9780c4-65e5-45ee-8e22-1cd4c13f2a8b
https://vnexpress.net/ 		52 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://vnexpress.net/ee9780c4-65e5-45ee-8e22-1cd4c13f2a8b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
52893
Content-Type
application/javascript
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		300 KB
300 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0ca47478b43c46bddeff5622f7a49f723a6e3b560b849bf1076308e8c29222e5

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-307191

Response headers

Date
Fri, 11 Jun 2021 01:06:49 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 0-307191/33564392
Connection
keep-alive
Content-Length
307192
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:48 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
async_usersync
ib.adnxs.com/ Frame 6292 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:49 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.155:80
AN-X-Request-Uuid
b77df94f-513c-45d6-9ac7-fdff3c1ebe1c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		266 KB
266 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0f9ca520377230106e92f725609bd6d82525b36a9cbc3fb4125fe7c083413769

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=307192-579415

Response headers

Date
Fri, 11 Jun 2021 01:06:49 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 307192-579415/33564392
Connection
keep-alive
Content-Length
272224
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:49 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
prebid
ib.adnxs.com/ut/v3/ 		141 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
aee499367f84b43aedd97a2eef055e2892bf736b579ee47e0b39dad9ce2f781c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:49 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid
cee4c0b6-d796-45fa-b185-820a8f7d6d53
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
141
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
eaa270639e4720dbc0aebcb4fab01fda29fd2558d40a43b371c5277c04085239
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:49 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.47:80
AN-X-Request-Uuid
32678d13-dd52-44a9-80a7-c7ae7ff48fce
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://vnexpress.net
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
hb
loopme.me/api/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/hb?ak=00a3673f8e&sizes=444x250&media_type=video
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.17.3.55.162.clients.your-server.de
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:49 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
342d0d162896254b4aab352892144b14059f2660ccd3ee440ad5f2acd6340da7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:49 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid
a7a47a8b-ad3d-4ccb-92ca-cce254abe0df
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
vdoai-d.openx.net/v/1.0/ 		106 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vdoai-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fvnexpress.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=83f3f066-ab83-4d39-8722-637486af0af5&nocache=1623373609474&schain=1.0%2C1!vdo.ai%2C1265%2C1%2C%2C%2C&minduration=1&maxduration=200&mimes=video%2Fmp4%2Capplication%2Fjavascript%2Cvideo%2Fx-flv%2Cvideo%2Fx-ms-wmv%2Capplication%2Fvnd.apple.mpegurl%2Capplication%2Fx-mpegurl%2Cvideo%2F3gpp%2Cvideo%2Fmpeg%2Cvideo%2Fogg%2Cvideo%2Fquicktime%2Cvideo%2Fwebm%2Cvideo%2Fx-m4v%2Cvideo%2Fms-asf%2Cvideo%2Fx-msvideo&protocols=1%2C2%2C3%2C4%2C5%2C6&startdelay=0&playbackmethod=3&api=1%2C2%2C7&skip=1&skipafter=5&w=444&h=250&auid=541073745&vwd=444&vht=250&vmimes=video%2Fmp4%2Capplication%2Fjavascript%2Cvideo%2Fx-flv%2Cvideo%2Fx-ms-wmv%2Capplication%2Fvnd.apple.mpegurl%2Capplication%2Fx-mpegurl%2Cvideo%2F3gpp%2Cvideo%2Fmpeg%2Cvideo%2Fogg%2Cvideo%2Fquicktime%2Cvideo%2Fwebm%2Cvideo%2Fx-m4v%2Cvideo%2Fms-asf%2Cvideo%2Fx-msvideo&aumfs=100
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:49 GMT
via
1.1 google
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://vnexpress.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Fri, 11 Jun 2021 01:06:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Jun 2021 01:06:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
cf-ray
65d6f0639f6427a0-PRG
access-control-allow-headers
Content-Type, Origin
cf-request-id
0a9a34923d000027a023931000000001
logger
analytics.vdo.ai/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 11 Jun 2021 01:06:49 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		245 KB
246 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
11778fc5384adddcc1f2d18fed68eef023b4067ae38432334ce94ed858088665

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=579416-830583

Response headers

Date
Fri, 11 Jun 2021 01:06:49 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 579416-830583/33564392
Connection
keep-alive
Content-Length
251168
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:49 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
connectmyusers.php
cdn.connectad.io/ Frame AED8 		1 KB
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

date
Fri, 11 Jun 2021 01:06:49 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
cf-request-id
0a9a3493c900004db29fa27000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d6f0660e034db2-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1
sync-eu.connectad.io/syncer/ Frame 0892 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
sync-eu.connectad.io
:scheme
https
:path
/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.connectad.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cadsync
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.connectad.io/

Response headers

date
Fri, 11 Jun 2021 01:06:49 GMT
set-cookie
id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control
no-cache, private
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a9a3493ea00004db27b275000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d6f0664e464db2-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 990E 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=107318
expires
Sat, 12 Jun 2021 06:55:28 GMT
date
Fri, 11 Jun 2021 01:06:50 GMT
vary
Accept-Encoding
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		271 KB
271 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
59edc5d7fe4bfb5de8ffd5a3f130d3130364d1c8a3eae58eccf1992f28e97f87

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=830584-1108259

Response headers

Date
Fri, 11 Jun 2021 01:06:50 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 830584-1108259/33564392
Connection
keep-alive
Content-Length
277676
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:50 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 60F7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106302
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 01:06:50 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 60F7 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23877088&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1e9afa0ade5eafa3131a4eb1b524658d684cfa8c84028b9083f1d6f39071d097

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:49 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 7548 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=5386584769435822460
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5386584769435822460; expires=Tue, 10 Aug 2021 01:06:50 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
pubmatic
d5p.de17a.com/getuid/ Frame A603 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.166 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-166.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 7E60
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; chkChromeAb67Sec=1; DPSync3=1624579200%3A201_197_219%7C1623456000%3A174; SyncRTB3=1624579200%3A220_56_21_13_161_7_54_3_71%7C1624665600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:50 GMT; path=/
x-lat
lhrpug019:0:368
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Fri, 11 Jun 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3407
x-powered-by
ASP.NET
date
Fri, 11 Jun 2021 01:06:49 GMT
content-length
205
setuid
rtb.adxpremium.services/ Frame FA28 		0
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJiMTc2Yjk5ZTNhNTMwYTZkIiwiZXhwaXJlcyI6IjIwMjEtMDYtMjVUMDM6MDY6NDkuMzY5NTA3NjQ1KzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wNi0xMVQwMzowNjo0OS4zNjk0OTg3NyswMjowMCJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
content-length
0
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
set-cookie
SSCookie=1; Path=/; Expires=Thu, 09 Sep 2021 01:06:50 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJiMTc2Yjk5ZTNhNTMwYTZkIiwiZXhwaXJlcyI6IjIwMjEtMDYtMjVUMDM6MDY6NDkuMzY5NTA3NjQ1KzAyOjAwIn0sInB1Ym1hdGljIjp7InVpZCI6IkVFQkRENUYxLUVCQjItNDMyRC1BQUZELUU1RkE0NTlEMzM5OCIsImV4cGlyZXMiOiIyMDIxLTA2LTI1VDAzOjA2OjUwLjQ5MTAwNjAxNiswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMTFUMDM6MDY6NDkuMzY5NDk4NzcrMDI6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Thu, 09 Sep 2021 01:06:50 GMT; Secure; SameSite=None
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
0a9a3495e50000d70d67364000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nPw06svgJdQVZNKsOsrzTjtfgLBQtmgJducnAqM0GwWBCzZeDbnDoVPuT%2FRDeTfvPUKXVY4QF25sNFrpEmeMzKUXxZ%2BuXaLtEkASPD5Bzz7hWG30Eissd5YBimy1vSRj177hT%2FutsZBNKe3VCoDJHnA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65d6f06968b1d70d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7r3V8euyQy2q_eX6RZ0zmA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=107318
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Sat, 12 Jun 2021 06:55:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 60F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e0160c2-b727-4200-9f59-63eef7ed5593
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e0160c2-b727-4200-9f59-63eef7ed5593
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 11 Jun 2021 01:06:42 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8e0160c2-b727-4200-9f59-63eef7ed5593
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Jun 2021 01:06:41 GMT
mw
mwzeom.zeotap.com/ Frame 60F7
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=5fcf193cb05933b0b37be3d61ca814ec
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=2febde62-1eb8-42a9-b25a-c98646bb342b&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=ac4be97f0b5f0c0f
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8b06ff42-ca54-4bc4-64b3-85e78e14f918&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGk_GshLyPagvkU1ywEOpSk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8b06ff42-ca54-4bc4-64b3-85e...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGk_GshLyPagvkU1ywEOpSk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8b06ff42-ca54-4bc4-64b3-85e78e14f918&zcluid=ac4be97f0b5f0c0f&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65d6f06b88ca4e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a34973400004e9d57266000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGk_GshLyPagvkU1ywEOpSk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8b06ff42-ca54-4bc4-64b3-85e78e14f918&zcluid=ac4be97f0b5f0c0f&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 60F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUVCREQ1RjEtRUJCMi00MzJELUFBRkQtRTVGQTQ1OUQzMzk4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:392
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 60F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMJ1DwtBaJSATL5KWfutxx8&google_cver=1
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMJ1DwtBaJSATL5KWfutxx8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:360
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMJ1DwtBaJSATL5KWfutxx8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 60F7 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 10 Jun 2021 01:06:50 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 60F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8e0160c2-b727-4200-9f59-63eef7ed5593&gdpr=0&gdpr_consent=
42 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8e0160c2-b727-4200-9f59-63eef7ed5593&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:508
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 11 Jun 2021 01:06:42 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8e0160c2-b727-4200-9f59-63eef7ed5593&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Jun 2021 01:06:41 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 60F7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5386584769435822460
42 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5386584769435822460
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:378
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5386584769435822460
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 60F7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2febde62-1eb8-42a9-b25a-c98646bb342b
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2febde62-1eb8-42a9-b25a-c98646bb342b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2febde62-1eb8-42a9-b25a-c98646bb342b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 60F7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8957257764456227477&gdpr=0&gdpr_consent=
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8957257764456227477&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:419
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:50 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid
c0b38c9a-575d-456b-a636-f2bb502e2cf6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8957257764456227477&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 60F7 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		256 KB
256 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
4b213bc6161490d20ce4607a2f578653dbc6ab6fedf2c155c49469e561bc2070

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1108260-1370331

Response headers

Date
Fri, 11 Jun 2021 01:06:50 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 1108260-1370331/33564392
Connection
keep-alive
Content-Length
262072
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:50 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
sync_user
octopus-stream01-cads.fpt.vn/analytics/ 		51 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=3dfca826-5604-4610-9382-283f9f245fca
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
09a94a6766698954177170f246d8e56002419131769f7afe90df419e1b7f84bd

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://vnexpress.net
Date
Fri, 11 Jun 2021 01:06:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Content-Length
51
Content-Type
application/json
sync_user
octopus-stream01-cads.fpt.vn/analytics/ 		51 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=e4392c99-34e4-436f-a271-b064fdff57e0
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
5a2a2f24c639410a4fd5c593bf36a582f6b0dbf810820169205564a6fa4d689b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://vnexpress.net
Date
Fri, 11 Jun 2021 01:06:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Content-Length
51
Content-Type
application/json
sync_user
octopus-stream01-cads.fpt.vn/analytics/ 		51 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=e4392c99-34e4-436f-a271-b064fdff57e0
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
5a2a2f24c639410a4fd5c593bf36a582f6b0dbf810820169205564a6fa4d689b

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://vnexpress.net
Date
Fri, 11 Jun 2021 01:06:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Content-Length
51
Content-Type
application/json
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		309 KB
309 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f797dbc5fa904abe1c9d677401ae6cc44dd102c65466222a8024632a0855b814

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1370332-1686359

Response headers

Date
Fri, 11 Jun 2021 01:06:50 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 1370332-1686359/33564392
Connection
keep-alive
Content-Length
316028
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:50 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0968 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; chkChromeAb67Sec=1; DPSync3=1624579200%3A201_197_219%7C1623456000%3A174; SyncRTB3=1624579200%3A220_56_21_13_161_7_54_3_71%7C1624665600%3A35; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; PugT=1623373610; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106302
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 01:06:50 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 0968 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30745084&p=159941&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
74fa59feb45b26f79a6bded627c5101766dfdca4211c58c4bb83ec4f33b9f40e

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame C1C5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972336564145092756
42 B
293 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972336564145092756
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972336564145092756
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; PugT=1623373610; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6972336564145092756; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 01:06:50 GMT; path=/ PugT=1623373610; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 01:06:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:50 GMT; path=/
x-lat
lhrpug008:0:415
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 11 Jun 2021 01:06:50 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6972336564145092756; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972336564145092756
adx
match.prod.bidr.io/cookie-sync/ Frame 0148
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERUpVN0JoVzRBQURMODUwSFlyZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AADEJU7BhW4AADL850HYrg; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Fri, 11 Jun 2021 01:06:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Fri, 11 Jun 2021 01:06:51 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame F2AE
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6865043306
  • https://sync.1rx.io/usersync/tradedesk/2febde62-1eb8-42a9-b25a-c98646bb342b
  • https://sync.targeting.unrulymedia.com/csync/RX-69028778-2a49-4435-bd15-78f839ab6793-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-69028778-2a49-4435-bd15-78f839ab6793-003
42 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-69028778-2a49-4435-bd15-78f839ab6793-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-69028778-2a49-4435-bd15-78f839ab6793-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; PugT=1623373610; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453; KRTBCOOKIE_1101=23040-6972336564145092756; KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi; KRTBCOOKIE_107=1471-uid:P4eGaIiY1LRvDk5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-69028778-2a49-4435-bd15-78f839ab6793-003&KRTB&17107-RX-69028778-2a49-4435-bd15-78f839ab6793-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:51 GMT; path=/ PugT=1623373611; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 01:06:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:51 GMT; path=/
x-lat
lhrpug014:0:405
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-69028778-2a49-4435-bd15-78f839ab6793-003%22%7D; path=/; expires=Sat, 11 Jun 2022 01:06:51 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-69028778-2a49-4435-bd15-78f839ab6793-003
etag
RX690287782a494435bd1578f839ab6793003
Pug
simage2.pubmatic.com/AdServer/ Frame 6C5A
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; PugT=1623373610; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug013:2:263
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=f88cfc7b-b51a-4aa0-bd5b-a8dae56d1214; path=/; domain=csync.loopme.me; Expires=Sun, 11-Jul-2021 01:06:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Fri, 11 Jun 2021 01:06:50 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 01F8
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1MOwp2Jql8R6il4HDSqfW9Mi
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1MOwp2Jql8R6il4HDSqfW9Mi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1MOwp2Jql8R6il4HDSqfW9Mi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; PugT=1623373610; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 01:06:50 GMT; path=/ PugT=1623373610; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 01:06:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:50 GMT; path=/
x-lat
lhrpug004:0:350
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 11 Jun 2021 01:06:50 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=1MOwp2Jql8R6il4HDSqfW9Mi; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1MOwp2Jql8R6il4HDSqfW9Mi
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 9630 		42 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a9a3497070000323c54041000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d6f06b3f02323c-FRA
bridge
cm.adgrx.com/ Frame F83A 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 11 Jun 2021 01:06:50 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 0623
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
471 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=ajnoeUOleqoPZabppyNHYZdjYEAZc3EI6ITjJXZciEBP
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=ahnsIHm5ab7AyuoCUkT2w3ZbW7jBxXfeFdsZatZdBicdxR8jw2rpoWorpbkmrnIBLf1KEFZaRQP9FMJKZbsRrr7woVNIF; path=/; domain=.tribalfusion.com; expires=Thu, 09-Sep-2021 01:06:51 GMT; SameSite=None; Secure; ANON_ID_old=ahnsIHm5ab7AyuoCUkT2w3ZbW7jBxXfeFdsZatZdBicdxR8jw2rpoWorpbkmrnIBLf1KEFZaRQP9FMJKZbsRrr7woVNIF; path=/; domain=.tribalfusion.com; expires=Thu, 09-Sep-2021 01:06:51 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0a9a3497b400002c2247807000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d6f06c5e552c22-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
3770
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=ajnoeUOleqoPZabppyNHYZdjYEAZc3EI6ITjJXZciEBP; path=/; domain=.tribalfusion.com; expires=Thu, 09-Sep-2021 01:06:50 GMT; SameSite=None; Secure; ANON_ID_old=ajnoeUOleqoPZabppyNHYZdjYEAZc3EI6ITjJXZciEBP; path=/; domain=.tribalfusion.com; expires=Thu, 09-Sep-2021 01:06:50 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0a9a34970900002c228720c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d6f06b4d142c22-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 1531
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=9SGwjwss4jF1&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=9SGwjwss4jF1&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=9SGwjwss4jF1&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; PugT=1623373610; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453; KRTBCOOKIE_1101=23040-6972336564145092756; KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi; KRTBCOOKIE_107=1471-uid:P4eGaIiY1LRvDk5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:51 GMT; path=/
x-lat
lhrpug002:0:416
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-8474b759f8-k8nvs
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=9SGwjwss4jF1&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=23ec355ba7b3fdcc; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame FC16
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22f8c018-1642-4602-b5d2-07d55df2c297-tuct7bc3caa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
58 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22f8c018-1642-4602-b5d2-07d55df2c297-tuct7bc3caa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22f8c018-1642-4602-b5d2-07d55df2c297-tuct7bc3caa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=22f8c018-1642-4602-b5d2-07d55df2c297-tuct7bc3caa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 11 Jun 2021 01:06:50 GMT
via
1.1 varnish
x-served-by
cache-fra19134-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1623373611.856917,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=22f8c018-1642-4602-b5d2-07d55df2c297-tuct7bc3caa;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 11-Jun-2022 01:06:50 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=22f8c018-1642-4602-b5d2-07d55df2c297-tuct7bc3caa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 11 Jun 2021 01:06:50 GMT
via
1.1 varnish
x-served-by
cache-fra19134-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1623373611.761772,VS0,VE67
x-vcl-time-ms
67
content-length
0
141
match.deepintent.com/usersync/ Frame B7DF 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 11 Jun 2021 01:06:50 GMT
server
b
check
pixel.tapad.com/idsync/ex/receive/ Frame 6DA1
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1623373610890; TapAd_DID=a2f10117-620c-429f-a74d-d33fdb6d3367
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear

Redirect headers

date
Fri, 11 Jun 2021 01:06:50 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1623373610890;Expires=Tue, 10 Aug 2021 01:06:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=a2f10117-620c-429f-a74d-d33fdb6d3367;Expires=Tue, 10 Aug 2021 01:06:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame 26A4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:P4eGaIiY1LRvDk5&gdpr=0&gdpr_consent=
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:P4eGaIiY1LRvDk5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:P4eGaIiY1LRvDk5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; PugT=1623373610; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453; KRTBCOOKIE_1101=23040-6972336564145092756; KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:P4eGaIiY1LRvDk5; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:50 GMT; path=/ PugT=1623373610; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 01:06:50 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:50 GMT; path=/
x-lat
lhrpug005:0:457
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 11 Jun 2021 01:06:50 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:P4eGaIiY1LRvDk5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-066a1c0b271e68364@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=P4eGaIiY1LRvDk5; Domain=.w55c.net; Expires=Mon, 11-Jul-2022 01:06:50 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 11-Jul-2021 01:06:50 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame B2D3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xGFt7sqtSnFGL-NrA_vURLmcrgQ
42 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xGFt7sqtSnFGL-NrA_vURLmcrgQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xGFt7sqtSnFGL-NrA_vURLmcrgQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453; KRTBCOOKIE_1101=23040-6972336564145092756; KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi; KRTBCOOKIE_107=1471-uid:P4eGaIiY1LRvDk5; KRTBCOOKIE_594=17105-RX-69028778-2a49-4435-bd15-78f839ab6793-003&KRTB&17107-RX-69028778-2a49-4435-bd15-78f839ab6793-003; PugT=1623373611
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-xGFt7sqtSnFGL-NrA_vURLmcrgQ; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:51 GMT; path=/ PugT=1623373611; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 01:06:51 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:51 GMT; path=/
x-lat
lhrpug006:0:300
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 11 Jun 2021 01:06:51 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xGFt7sqtSnFGL-NrA_vURLmcrgQ
Set-Cookie
sa-user-id=s%3A0-c4616dee-caad-4a71-462f-e36b03fbd444.8DEAgIf%2FvB7Mv0NKlENOTl6eJqEn5wc1JryBnb5Ao3s; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-c4616dee-caad-4a71-462f-e36b03fbd444%24ip%24185.156.174.4.VBMb%2FRAGp%2FZxB%2Fw8tA2cg0EgxuPDRBpqoVvMGqt97wo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 0AB6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BD38D4AAA0A148DFA4EB53701FA1929D
1 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BD38D4AAA0A148DFA4EB53701FA1929D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BD38D4AAA0A148DFA4EB53701FA1929D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; PugT=1623373610; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 09-Sep-2021 01:06:50 GMT; path=/
x-lat
lhrpug004:0:417
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 11 Jun 2021 01:06:50 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BD38D4AAA0A148DFA4EB53701FA1929D
expires
Thu, 10 Jun 2021 01:06:50 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame 9459 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 11 Jun 2021 01:06:58 GMT
Content-Length
0
Connection
keep-alive
p.gif
visitor.fiftyt.com/ Frame 0968
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=&fbounce=1
0
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=&fbounce=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
via
1.1 google
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
content-length
0
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Fri, 11 Jun 2021 01:06:50 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=&fbounce=1
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
144
info2
uipglob.semasio.net/pubmatic/1/ Frame 0968
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
frontend-id
1
location
/pubmatic/1/info2?sType=sync&sExtCookieId=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0968 		95 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65d6f06b38664e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a34970600004e9d393be000000001
/
loadm.exelator.com/load/ Frame 0968
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 11 Jun 2021 01:06:50 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-psJIDmVE2uVLs5lJmbF7bDBvME4hvIM-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-psJIDmVE2uVLs5lJmbF7bDBvME4hvIM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 11 Jun 2021 01:06:50 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-psJIDmVE2uVLs5lJmbF7bDBvME4hvIM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:449
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=11dedd98-6cd3-4cd4-9b3b-97ec7c281083
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=11dedd98-6cd3-4cd4-9b3b-97ec7c281083
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=210c6684-e3c7-4cb2-9fad-9d26aa53bd50&user_group=1&ssp=pubmatic&bsw_param=11dedd98-6cd3-4cd4-9b3b-97ec7c281083
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=11dedd98-6cd3-4cd4-9b3b-97ec7c281083&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=11dedd98-6cd3-4cd4-9b3b-97ec7c281083&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:460
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=11dedd98-6cd3-4cd4-9b3b-97ec7c281083&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 11 Jun 2021 01:06:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMK3KwABoefR0QAC&gdpr=0&gdpr_consent=&_test=YMK3KwABoefR0QAC
1 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMK3KwABoefR0QAC&gdpr=0&gdpr_consent=&_test=YMK3KwABoefR0QAC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:462
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623373612.969656,VS0,VE0
x-served-by
cache-hhn4058-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMK3KwABoefR0QAC&gdpr=0&gdpr_consent=&_test=YMK3KwABoefR0QAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2878901784113009453&gdpr=0&gdpr_consent=&us_privacy=
1 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2878901784113009453&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:441
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2878901784113009453&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 11 Jun 2021 01:06:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 0968 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2a6c92ca-5c97-4d2c-99ea-7e664810d72e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2a6c92ca-5c97-4d2c-99ea-7e664810d72e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:451
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2a6c92ca-5c97-4d2c-99ea-7e664810d72e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 11 Jun 2021 01:06:58 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:54 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:363
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8957257764456227477
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8957257764456227477
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:360
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:56 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid
88d30774-e132-4122-bf3c-6cea86434aa0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8957257764456227477
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_25b9ed0a-55b9-400d-802a-90a3218de5fe
42 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_25b9ed0a-55b9-400d-802a-90a3218de5fe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:438
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_25b9ed0a-55b9-400d-802a-90a3218de5fe
date
Fri, 11 Jun 2021 01:06:56 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame 0968
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4decd3a0-ca51-11eb-9ce3-4da383785529&gdpr=0&gdpr_consent=
1 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4decd3a0-ca51-11eb-9ce3-4da383785529&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:454
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4decd3a0-ca51-11eb-9ce3-4da383785529&gdpr=0&gdpr_consent=
Date
Fri, 11 Jun 2021 01:06:51 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
4decd3a1-ca51-11eb-9ce3-4da383785529
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		266 KB
266 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b5a03eb067faca6c52c15bbadbea7037cef24580119560fd2307d1fe0b01ecb4

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1686360-1958395

Response headers

Date
Fri, 11 Jun 2021 01:06:50 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 1686360-1958395/33564392
Connection
keep-alive
Content-Length
272036
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:50 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
setuid
rtb.adxpremium.services/ Frame F854
Redirect Chain
  • https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
  • https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=zh9H8AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
  • https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=8957257764456227477&mpk=zh9H8AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV...
  • https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=8957257764456227477
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=8957257764456227477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:51 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OKAc1Cri7zuWZSWH%2BsM2Tdu18rD0%2BgrMZgV1pFC794kgcYo86Zra51Us6xIQ%2BiXjGmNtypaaCjdfDwQZykM%2BTqGbCoI2hmYU4XQ5t6t4hsMCQpQrWbJJVfASD%2Fj8MsrP1zjeaeboJDp5hxvDXmT3OfE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
65d6f06f6ea2d70d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9a3499a20000d70df3aed000000001
expires
0

Redirect headers

date
Fri, 11 Jun 2021 01:06:51 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1q346N6BlvYpeml%2BnA%2FUv4bvzgsuNziqopBEEwECWiC24yA9qFp5F3cL8daOfhfACh7tFR2WLh6sBtcguV7IVA%2BLlthuth8vfwpIC2C3sgodMeCZ4F4q7dswYgVB2g0SqtoCowVR48U%3D"}],"group":"cf-nel","max_age":604800}
location
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=8957257764456227477
cf-ray
65d6f06cd8e805bb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a9a349809000005bb35ae8000000001
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CZ&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=46052&t=1623373606&cip=185.156.174.4&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=4&aafaid=&proto=https&uid=1623373606425-943677653332-008752-015-002268&cha=0.7&stagid=&stplid=&cb=40363733693&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 11 Jun 2021 01:06:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7BE5 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; repi=1; chkChromeAb67Sec=2; DPSync3=1624579200%3A219_221_226_227_232_201_197%7C1623456000%3A174; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453; KRTBCOOKIE_1101=23040-6972336564145092756; KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi; KRTBCOOKIE_107=1471-uid:P4eGaIiY1LRvDk5; KRTBCOOKIE_594=17105-RX-69028778-2a49-4435-bd15-78f839ab6793-003&KRTB&17107-RX-69028778-2a49-4435-bd15-78f839ab6793-003; PugT=1623373611; KRTBCOOKIE_860=16335-xGFt7sqtSnFGL-NrA_vURLmcrgQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106301
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 01:06:51 GMT
vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame CD2E
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_...
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
224836d41fc5b01fb0cca2cf0680ed0554281410de0630b69fa492654bf2fd22

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://user-sync.adxpremium.services/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

server
openresty
date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AE1rmmt7QUleGmgB; path=/; domain=e-planning.net; expires=Fri, 09-Jun-2028 01:06:51 GMT; SameSite=None; Secure
expires
Fri, 11 Jun 2021 01:06:51 GMT
x-sid
AMS-748
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
x-sid
AMS-748
PugMaster
image6.pubmatic.com/AdServer/ Frame 7BE5 		182 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65474028&p=158804&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f63578aaca44c74ccd2433797e68d584d2bd4700b5364415361ec36dd664b476

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 7BE5
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
  • https://a.audrte.com/p
68 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:52 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 11 Jun 2021 01:06:52 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame CD2E
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7365be475a47309e
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=7365be475a47309e
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=7365be475a47309e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:51 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=7365be475a47309e
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
sync.e-planning.net/ Frame CD2E
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-69028778-2a49-4435-bd15-78f839ab6793-003&rndcb=8946962466
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=11dedd98-6cd3-4cd4-9b3b-97ec7c281083&google_hm=MTFkZWRkOTgtNmNkMy00Y2Q0LTliM2ItOTdlYzdjMjgx...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEF3dkDchZdbVT4x7eWoiook&google_cver=1&ssp=adconductor&bsw_param=11dedd98-6cd3-4cd4-9b3b-97ec7c281083
  • https://sync.1rx.io/usersync/bidswitch/11dedd98-6cd3-4cd4-9b3b-97ec7c281083?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-69028778-2a49-4435-bd15-78f839ab6793-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-69028778-2a49-4435-bd15-78f839ab6793-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-69028778-2a49-4435-bd15-78f839ab6793-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-69028778-2a49-4435-bd15-78f839ab6793-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:54 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-69028778-2a49-4435-bd15-78f839ab6793-003&dc=1079cc634ca638f8&iss=1
date
Fri, 11 Jun 2021 01:06:51 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX690287782a494435bd1578f839ab6793003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame CD2E 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 10 Jun 2026 01:06:51 GMT
tm60118.js
tag.navdmp.com/ Frame CD2E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3380
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
0a9a349a9a00004ac29b906000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
65d6f070fddb4ac2-FRA
expires
Fri, 11 Jun 2021 01:10:31 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame CD2E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 10 Jun 2026 01:06:51 GMT
um
u-ams02.e-planning.net/ Frame CD2E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D7365be475a47309e%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=7365be475a47309e&uid=fe7fdaf4-fc77-4281-8fe2-0a4926dc9fb3
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=7365be475a47309e&uid=fe7fdaf4-fc77-4281-8fe2-0a4926dc9fb3
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:51 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=7365be475a47309e&uid=fe7fdaf4-fc77-4281-8fe2-0a4926dc9fb3
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
1vfcts3va49bj1ldndro0bueekd9fiqt
ptag
a.audrte.com/ Frame CD2E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
310643e1c4ce188602ab77ca57e727934c1d8b17554f9a29de28005ad23625fe

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:51 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
transfer-encoding
chunked
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame CD2E 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 10 Jun 2026 01:06:51 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame CD2E 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D7365be475a47309e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame CD2E
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D7365be475a47309e
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:54 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 11 Jun 2021 01:06:54 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame CD2E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7365be475a47309e%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7365be475a47309e&uid=8957257764456227477
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7365be475a47309e&uid=8957257764456227477
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:51 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid
503f6200-f76f-43ee-a62a-95f6246b3976
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7365be475a47309e&uid=8957257764456227477
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame CD2E 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D7365be475a47309e%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame CD2E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-rC4nEuhE2uEEN_UlrTCJBX7ZI0GZNhG5rDjGcaw-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-rC4nEuhE2uEEN_UlrTCJBX7ZI0GZNhG5rDjGcaw-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:54 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Fri, 11 Jun 2021 01:06:51 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-rC4nEuhE2uEEN_UlrTCJBX7ZI0GZNhG5rDjGcaw-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame CD2E
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D7365be475a47309e%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=7365be475a47309e&uid=227f1703c8b198928d58cfde8da36d2871834372
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=7365be475a47309e&uid=227f1703c8b198928d58cfde8da36d2871834372
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=7365be475a47309e&uid=227f1703c8b198928d58cfde8da36d2871834372
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
um
u-ams02.e-planning.net/ Frame CD2E
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D7365be475a47309e
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=7365be475a47309e&uid=0200000010B7C2601016C07002938B90
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=7365be475a47309e&uid=0200000010B7C2601016C07002938B90
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=7365be475a47309e&uid=0200000010B7C2601016C07002938B90
date
Fri, 11 Jun 2021 01:06:24 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame CD2E 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame 7EFD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 11 Jun 2021 01:06:55 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 11 Jun 2021 01:06:54 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B505 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7365be475a47309e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7365be475a47309e%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; repi=1; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453; KRTBCOOKIE_1101=23040-6972336564145092756; KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi; KRTBCOOKIE_107=1471-uid:P4eGaIiY1LRvDk5; KRTBCOOKIE_594=17105-RX-69028778-2a49-4435-bd15-78f839ab6793-003&KRTB&17107-RX-69028778-2a49-4435-bd15-78f839ab6793-003; PugT=1623373611; KRTBCOOKIE_860=16335-xGFt7sqtSnFGL-NrA_vURLmcrgQ; KRTBCOOKIE_279=22890-4decd3a0-ca51-11eb-9ce3-4da383785529&KRTB&23011-4decd3a0-ca51-11eb-9ce3-4da383785529; KCCH=YES; chkChromeAb67Sec=3; DPSync3=1623456000%3A174%7C1624579200%3A221_226_235_219_227_232_201_197; pubsyncexp=1623395211556
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 01 Jun 2021 06:44:25 GMT
etag
"1300708-2080-5c3aeac410031"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2586
content-type
text/html; charset=UTF-8
cache-control
max-age=107317
expires
Sat, 12 Jun 2021 06:55:28 GMT
date
Fri, 11 Jun 2021 01:06:51 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame F8F1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7365be475a47309e%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7365be475a47309e%26uid%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; repi=1; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453; KRTBCOOKIE_1101=23040-6972336564145092756; KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi; KRTBCOOKIE_107=1471-uid:P4eGaIiY1LRvDk5; KRTBCOOKIE_594=17105-RX-69028778-2a49-4435-bd15-78f839ab6793-003&KRTB&17107-RX-69028778-2a49-4435-bd15-78f839ab6793-003; PugT=1623373611; KRTBCOOKIE_860=16335-xGFt7sqtSnFGL-NrA_vURLmcrgQ; KRTBCOOKIE_279=22890-4decd3a0-ca51-11eb-9ce3-4da383785529&KRTB&23011-4decd3a0-ca51-11eb-9ce3-4da383785529; KCCH=YES; chkChromeAb67Sec=3; DPSync3=1623456000%3A174%7C1624579200%3A221_226_235_219_227_232_201_197; pubsyncexp=1623395211556
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7365be475a47309e%26uid%3D

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106301
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 01:06:51 GMT
vary
Accept-Encoding
um
u-ams02.e-planning.net/ Frame E7A0 		42 B
104 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=7365be475a47309e&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method
GET
:authority
u-ams02.e-planning.net
:scheme
https
:path
/um?dc=a208d9366469aa64&fi=7365be475a47309e&uid=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AE1rmmt7QUleGmgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
openresty
date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
image/gif
Cookie set usermatch
ssum.casalemedia.com/ Frame A772
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6f3ef15a05a6c449824a234c7e657aa77abb0830fd22dc552c9738a039ff0443

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMK3LI4f45Hfps5IucTAWwAA; CMPS=5165
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|41|46|81|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1777
Expires
Fri, 11 Jun 2021 01:06:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YMK3LI4f45Hfps5IucTAWwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 01:06:53 GMT CMPS=5165;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 01:06:53 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 01:06:53 GMT CMST=YMK3LWDCty0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 12 Jun 2021 01:06:53 GMT CMRUM3=2e60c2b72d05a0&f160c2b72d05a0&2960c2b72d05a0&e660c2b72d2760&2760c2b72d0b40&4160c2b72d05a0&2d60c2b72d05a0&5160c2b72d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 01:06:53 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 11 Jun 2021 01:06:52 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
Connection
keep-alive
Set-Cookie
CMID=YMK3LI4f45Hfps5IucTAWwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 01:06:52 GMT CMPS=5165;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 01:06:52 GMT
/
spl.zeotap.com/ Frame 6046 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
750759df166f9a8a921c974710f98d37d359afb542fb9b6fd73cac7b0986445a

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=4ab9a3ff-66ef-460d-762a-77376ac758b7; zsc=%AD%F5%FA%DA%A4%40%19b%FE%BCM%A2%AF%EB~%8E~%C6%AF%87n%85%90%7D%FB%D6R%7B%03%18%AB%C8hST%F1%E4%25%D0%A9%8A%D60v%1E%7B%C3z%FF%91%7C%F7%A1%96%80%14%0F%B2%99%81HcX6%3EH%F5y%3D%EB%91%A5%09%0A%F2%01%21%D8%B05%9B%C2%5D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
set-cookie
zc=4ab9a3ff-66ef-460d-762a-77376ac758b7; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%87%FD%D3%C1%F3%BA%1F-%81%C5%F7u%18Q%82%2B%EF%E8%2F%87%CB%C8%E4%DCb%E5%ABU%E2%99%D7%E1%5B%A5%A3%FD%83%FA%B0Ul%F9n%AA%FA%19%BFsJ%C3%D8%3FS%19%F3%16%B2I%3A%B2%2CbN%B6%D1Z7T%8B%1Fr%D6P%84%EB%19R%13%0B%26%80%1CD%8D%D7%F8%A3%F1%99%3C%09%26V%FE%27%E5%3C%E8u%E9E%CE.%88%A9W%F5f%FA%EEH%92m%C8Q%BF%7D%12%8Duq%B0%ACQ%AF%A5u%D4%AC%EE%5DC~%C1+7%0CLD%A3%9B%0E%0B%C0%24%D5%60%99%80%02%CE%E5P%87%60u%12%08%F6%91v%00%E2F%09%00%9Bz%06%1F%912; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a9a349b3d00004e9d713d7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d6f071e9254e9d-FRA
content-encoding
br
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=3&apppkg=&fv=3&proto=https
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 11 Jun 2021 01:06:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
getuid
ib.adnxs.com/ Frame 6046 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://mwzeom.zeotap.com/mw?cid=a2f10117-620c-429f-a74d-d33fdb6d3367&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a2f10117-620c-429f-a74d-d33fdb6d3367&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f07299d74e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a349b9a00004e9d2c09d000000001

Redirect headers

date
Fri, 11 Jun 2021 01:06:51 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=a2f10117-620c-429f-a74d-d33fdb6d3367&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 6046 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:51 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8...
  • https://mwzeom.zeotap.com/mw?cid=2febde62-1eb8-42a9-b25a-c98646bb342b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2febde62-1eb8-42a9-b25a-c98646bb342b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f072b9fd4e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a349bb200004e9d41ba4000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=2febde62-1eb8-42a9-b25a-c98646bb342b&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 6046 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Fri, 11 Jun 2021 01:06:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1623373612.907804,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA
u
dmp.v.fwmrm.net/ad/ Frame 6046 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:5::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6046 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=2bfb1813-897d-48ae-ab62-a9a5eafdb82c&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2bfb1813-897d-48ae-ab62-a9a5eafdb82c&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f0733aed4e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a349c0500004e9d45905000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=2bfb1813-897d-48ae-ab62-a9a5eafdb82c&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=4ab9a3ff-66ef-460d-762a-77376ac758b7&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=4ab9a3ff-66ef-460d-762a-77376ac758b7&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=39371294283092625150768557121653947663&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=39371294283092625150768557121653947663&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f07a8c8f4e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a34a09800004e9d761bf000000001

Redirect headers

DCS
dcs-prod-irl1-2-v008-0211feebd.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6h47sw6+Q30=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=39371294283092625150768557121653947663&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 6046 		0
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=4ab9a3ff-66ef-460d-762a-77376ac758b7&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021061103-54195-0.049239001623373614-e0df979f7e4d397dee1087e8affe099e&zdid=533&env=mWeb
95 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021061103-54195-0.049239001623373614-e0df979f7e4d397dee1087e8affe099e&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f081be494e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a34a51300004e9d5a8cb000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021061103-54195-0.049239001623373614-e0df979f7e4d397dee1087e8affe099e&zdid=533&env=mWeb
Date
Fri, 11 Jun 2021 01:06:54 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6972336564145092756&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-...
95 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6972336564145092756&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f0731aaf4e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a349bec00004e9d223ee000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6972336564145092756&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Date
Fri, 11 Jun 2021 01:06:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 6046 		95 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=4ab9a3ff-66ef-460d-762a-77376ac758b7
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.36.v20210114) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4ab9a3ff-66ef-460d-762a-77376ac758b7&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=4ab9a3ff-66ef-460d-762a-77376ac758b7&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=EG0XpwRSXomal0PeXqElSe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-45...
95 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=EG0XpwRSXomal0PeXqElSe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f07e79f54e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a34a30a00004e9d57aa9000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
via
1.1 google
last-modified
Fri, 11 Jun 2021 01:06:53 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=EG0XpwRSXomal0PeXqElSe&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 6046 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=4ab9a3ff-66ef-460d-762a-77376ac758b7&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.102 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=4ab9a3ff-66ef-460d-762a-77376ac758b7?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=5fcf193cb05933b0b37be3d61ca814ec&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=5fcf193cb05933b0b37be3d61ca814ec&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f0733aeb4e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a349c0400004e9d39000000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=5fcf193cb05933b0b37be3d61ca814ec&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
cache-control
no-cache
x-server
10.45.7.76
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-cgfKE_ZE2oqrUP.oUV9ppJqGNHHjhjSoKA--~A&zpartnerid=570&env=mWeb
95 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-cgfKE_ZE2oqrUP.oUV9ppJqGNHHjhjSoKA--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f099ef734e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a34b43400004e9d5dbc2000000001

Redirect headers

date
Fri, 11 Jun 2021 01:06:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-cgfKE_ZE2oqrUP.oUV9ppJqGNHHjhjSoKA--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ef4PknNLWJCWb3hPpRyJ2ba5pk62UZFF%2BS41iYitP1U%3D
95 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ef4PknNLWJCWb3hPpRyJ2ba5pk62UZFF%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f07a5c404e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a34a07200004e9d15acf000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ef4PknNLWJCWb3hPpRyJ2ba5pk62UZFF%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 6046 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=4ab9a3ff-66ef-460d-762a-77376ac758b7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 6046 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.215.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-215-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1623373613
x-served-by
beacon-n008-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 6046 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=4ab9a3ff-66ef-460d-762a-77376ac758b7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:54 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMK3KwABeL8RBgBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c...
95 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMK3KwABeL8RBgBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&_test=YMK3KwABeL8RBgBg
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f0735b154e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a349c1800004e9d572ac000000001

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1623373612.040432,VS0,VE0
x-served-by
cache-hhn4058-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YMK3KwABeL8RBgBg&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&_test=YMK3KwABeL8RBgBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=8e0160c2-b727-4200-9f59-63eef7ed5593&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925...
95 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=8e0160c2-b727-4200-9f59-63eef7ed5593&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f08bebcf4e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a34ab6e00004e9d79295000000001

Redirect headers

Date
Fri, 11 Jun 2021 01:06:55 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=8e0160c2-b727-4200-9f59-63eef7ed5593&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 11 Jun 2021 01:06:54 GMT
usermatch.gif
beacon.krxd.net/ Frame 6046
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.215.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-215-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
cache-control
private, no-cache, no-store
x-request-time
D=72 t=1623373613
x-served-by
beacon-n009-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
date
Fri, 11 Jun 2021 01:06:53 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a012-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6046
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ab9a3ff-66ef-460d-762a-77376ac758b7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ab9a3ff-66ef-460d-762a-77376ac758b7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ab9a3ff-66ef-460d-762a-77376ac758b7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=4ab9a3ff-66ef-460d-762a-77376ac758b7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6046
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=4ab9a3ff-66ef-460d-762a-77376ac758b7&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
65d6f0772ffb4e9d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a9a349e7600004e9d180e3000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Fri, 11 Jun 2021 01:06:52 GMT
Connection
keep-alive
Content-Length
0
BK-Server
27a8
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 6046 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D4ab9a3ff-66ef-460d-762a-77376ac758b7%26reqId%3D8c0a925f-e7aa-4595-5c51-14c2572e7a34%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.223.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 6046 		557 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36cc442f0b710c2211d58862d342f493eeed296054819ff819dcbc241838b757

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
65d6f07259994e9d-FRA
date
Fri, 11 Jun 2021 01:06:51 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
0a9a349b7800004e9d6c0cb000000001
cmp
spl.zeotap.com/ Frame 6046 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=4ab9a3ff-66ef-460d-762a-77376ac758b7&reqId=8c0a925f-e7aa-4595-5c51-14c2572e7a34&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=4ab9a3ff-66ef-460d-762a-77376ac758b7; zsc=%87%FD%D3%C1%F3%BA%1F-%81%C5%F7u%18Q%82%2B%EF%E8%2F%87%CB%C8%E4%DCb%E5%ABU%E2%99%D7%E1%5B%A5%A3%FD%83%FA%B0Ul%F9n%AA%FA%19%BFsJ%C3%D8%3FS%19%F3%16%B2I%3A%B2%2CbN%B6%D1Z7T%8B%1Fr%D6P%84%EB%19R%13%0B%26%80%1CD%8D%D7%F8%A3%F1%99%3C%09%26V%FE%27%E5%3C%E8u%E9E%CE.%88%A9W%F5f%FA%EEH%92m%C8Q%BF%7D%12%8Duq%B0%ACQ%AF%A5u%D4%AC%EE%5DC~%C1+7%0CLD%A3%9B%0E%0B%C0%24%D5%60%99%80%02%CE%E5P%87%60u%12%08%F6%91v%00%E2F%09%00%9Bz%06%1F%912
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0a9a349b9800004e9d5cb46000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65d6f07289d34e9d-FRA
cc.js
tags.crwdcntrl.net/c/15238/ Frame CD2E 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.241.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-241-58.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 10 Jun 2021 08:55:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
58308
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 e6726d8c260dc6d0bdf74050840f4b1b.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
IGRUQLh8w1noCrsTbV9psitO7zGgqlRHX_t_tJlNWHKhU5FKd4i3dg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame C5CA 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AE1rmmt7QUleGmgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 11 Jun 2021 01:06:51 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 10 Jun 2026 01:06:51 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame 88EE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ff101a93a8fc0f7e275bb3f413eabdf7626d7378035cd4118f9a36244dd410

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
content-type
text/html
set-cookie
uid=e6371b2a-6b8f-4665-8f56-e6e140f33962; expires=Thu, 01 Jul 2021 01:06:52 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a9a349c2d00001f2d45a55000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pTmgQUEd2ld2rpVtjgO2vSFMBnmz4Fxa3OnK2pADz%2Bq%2B24aWKniBjnIZiI7rFjwWsmfqXcy1RTQGR3dCKolbBxKxWJ1HCA5pqlp96LxB5ONTUCsP3EFF2j%2F5OUHd9BjMM%2FT0MyVCzg5nRcs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65d6f0737dc71f2d-FRA
content-encoding
br
setuid
rtb.adxpremium.services/ Frame B933
Redirect Chain
  • https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
  • https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AE1rmmt7QUleGmgB
0
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AE1rmmt7QUleGmgB
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:621d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
rtb.adxpremium.services
:scheme
https
:path
/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AE1rmmt7QUleGmgB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJiMTc2Yjk5ZTNhNTMwYTZkIiwiZXhwaXJlcyI6IjIwMjEtMDYtMjVUMDM6MDY6NDkuMzY5NTA3NjQ1KzAyOjAwIn0sIm1hcnNtZWRpYSI6eyJ1aWQiOiI4OTU3MjU3NzY0NDU2MjI3NDc3IiwiZXhwaXJlcyI6IjIwMjEtMDYtMjVUMDM6MDY6NTEuNDU0MTU1NDA1KzAyOjAwIn0sInB1Ym1hdGljIjp7InVpZCI6IkVFQkRENUYxLUVCQjItNDMyRC1BQUZELUU1RkE0NTlEMzM5OCIsImV4cGlyZXMiOiIyMDIxLTA2LTI1VDAzOjA2OjUwLjQ5MTAwNjAxNiswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMTFUMDM6MDY6NDkuMzY5NDk4NzcrMDI6MDAifQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
content-length
0
cache-control
no-cache, no-store, must-revalidate
expires
0
pragma
no-cache
set-cookie
SSCookie=1; Path=/; Expires=Thu, 09 Sep 2021 01:06:52 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJiMTc2Yjk5ZTNhNTMwYTZkIiwiZXhwaXJlcyI6IjIwMjEtMDYtMjVUMDM6MDY6NDkuMzY5NTA3NjQ1KzAyOjAwIn0sImVwbGFubmluZyI6eyJ1aWQiOiJBRTFybW10N1FVbGVHbWdCIiwiZXhwaXJlcyI6IjIwMjEtMDYtMjVUMDM6MDY6NTIuNDM3MTQxMDExKzAyOjAwIn0sIm1hcnNtZWRpYSI6eyJ1aWQiOiI4OTU3MjU3NzY0NDU2MjI3NDc3IiwiZXhwaXJlcyI6IjIwMjEtMDYtMjVUMDM6MDY6NTEuNDU0MTU1NDA1KzAyOjAwIn0sInB1Ym1hdGljIjp7InVpZCI6IkVFQkRENUYxLUVCQjItNDMyRC1BQUZELUU1RkE0NTlEMzM5OCIsImV4cGlyZXMiOiIyMDIxLTA2LTI1VDAzOjA2OjUwLjQ5MTAwNjAxNiswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMTFUMDM6MDY6NDkuMzY5NDk4NzcrMDI6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Thu, 09 Sep 2021 01:06:52 GMT; Secure; SameSite=None
vary
Origin
cf-cache-status
DYNAMIC
cf-request-id
0a9a349d7b0000d70dd00a1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EG%2F3Eo5yfJ1QOmRNIIBYnO3JK1qdWZd6G7gZWJToRripoJU5%2BM9sjQs1T4Gl0cs%2F5E%2BXTX39ZAFbXyqsWC6bYdxBfahCEDo8KnIqlYnuQreb68ehjqb%2BWGx1V4iera%2FTHDK9e05g8Eh8NUti%2FsFQ%2BKI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65d6f0759c5fd70d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

server
openresty
date
Fri, 11 Jun 2021 01:06:52 GMT
content-type
text/html; charset=iso-8859-1
location
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AE1rmmt7QUleGmgB
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 11 Jun 2021 01:06:52 GMT
x-sid
AMS-748
GS.d
js.cookieless-data.com/ Frame C5CA 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1623373612109
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 60F7 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159760&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
sync.quantumdex.io/ Frame 88EE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8957257764456227477
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8957257764456227477
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=epMmm9LfOCJmd5qP8nVEHpYAyMh6UipedPi215UJXBT%2FtlxfMQO9SggxIA%2Bh8oSJ4pWu4XT6VDqsW1q4DgfinTprcG2oCePypm9jPa%2FsAd0117w6GmfiB6rXe5tjtJEzbud1BbXa7sLiWBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d6f0752f7f1f2d-FRA
content-length
43
cf-request-id
0a9a349d3d00001f2d3d2bb000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.164:80
AN-X-Request-Uuid
f13cddbd-4ba5-4218-b967-3997f1f6da9d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8957257764456227477
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 88EE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8957257764456227477
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8957257764456227477
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jE2tUbO8BWVGRRccxiMVOyKNL48nUiL5hfBCKvgZLQUzxT6BWvAKjLAMemWdBFSHHJtt%2B1rBLnYFug6kiYgGUDi%2B3jmio9yjtA02WoSR2bzdqOZbHZq40VPi7DjXSzliuJz5LY0HOzYzGRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d6f0757fd01f2d-FRA
content-length
43
cf-request-id
0a9a349d6b00001f2d4d320000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid
f82bbafb-d23a-4174-9352-f8b5817b7635
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8957257764456227477
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 88EE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8957257764456227477
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8957257764456227477
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7hGdGjXNLuWosK28ZGFdDnBqlxjoHmPnKQZOrMWNEpnsDDYYMe1wNQ2dAyWKowSc1vPsoddrZZbkdQ4ECUTrG9RQWNPgALAJUPXLPyhBAUJkmPKjn%2Fo%2FGnwwr2k2tpjMlWE5az1dKLll3Mg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d6f075b8331f2d-FRA
content-length
43
cf-request-id
0a9a349d9800001f2d84a0c000000001

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
X-Proxy-Origin
185.156.174.4; 185.156.174.4; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
f0724b21-e70c-4057-ab25-13c2a4530151
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=8957257764456227477
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 88EE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rC4nEuhE2uEEN_UlrTCJBX7ZI0GZNhG5rDjGcaw-~A
43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rC4nEuhE2uEEN_UlrTCJBX7ZI0GZNhG5rDjGcaw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zak4jpTg4OQo6uhhQr3JKOYMn2i55VVlJ16cMuva98avOj05mIhK%2FcEcNNLmCM51b%2FPo89biC1ezaV20gmhHcDEtpYweLvAHsUd2mgM1TJXP24WmOziz07pDDJdgkVD6vQ1wxQvQYu9JJTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d6f074af021f2d-FRA
content-length
43
cf-request-id
0a9a349cec00001f2d5498a000000001

Redirect headers

Date
Fri, 11 Jun 2021 01:06:52 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-rC4nEuhE2uEEN_UlrTCJBX7ZI0GZNhG5rDjGcaw-~A
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame 88EE 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 88EE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=8e6698b5-305d-51a2-9f24-424affe6f578
43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=8e6698b5-305d-51a2-9f24-424affe6f578
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:58 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CS7OrdmYag7JddrisGhHPMYv%2BMQSaCf2prGFgX4RHfnj1d39BoS1XZWjmUolX8d0tclU7pdffs8vqDre5MQGn3Ue2KFbH90pM3zESMnE0%2F8RvQ9hu%2B6llW4lDmpT7yVwF90sVKYTHewo5xg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d6f09abc6a1f2d-FRA
content-length
43
cf-request-id
0a9a34b4b700001f2d97819000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=8e6698b5-305d-51a2-9f24-424affe6f578
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 88EE
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=227f1703c8b198928d58cfde8da36d2871834372
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=227f1703c8b198928d58cfde8da36d2871834372
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nZn1HTQjhI4zs%2FlaaGYNswNKp0ssHt25zQ%2BM3bQjGYircqSODzmI8kviPWE5irHil3WrqEp3%2Fh463lcScZZJu2R9yDK5ijd%2FBiqn69vPQLvhYHTnO84795Vr0Owb%2B%2FqW3%2BMVFfaSF3L%2Bqp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d6f07c5ee91f2d-FRA
content-length
43
cf-request-id
0a9a34a1ba00001f2d310a7000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=227f1703c8b198928d58cfde8da36d2871834372
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
um
sync.e-planning.net/ Frame 88EE 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=e6371b2a-6b8f-4665-8f56-e6e140f33962
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:54 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 75F2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f89bc9410c120f0d1a7f7fdb051799d9cf934545274442fd2f32dd7ec21c7bf2

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=5165; CMPRO=1139; CMST=YMK3LWDCty0A; CMRUM3=2e60c2b72d05a0&f160c2b72d05a0&2960c2b72d05a0&e660c2b72d2760&2760c2b72d0b40&4160c2b72d05a0&2d60c2b72d05a0&5160c2b72d05a0; CMID=YMK3LY4f45Hfps5IucTAZAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|3|88|206|4|47|13|51
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1770
Expires
Fri, 11 Jun 2021 01:06:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YMK3LY4f45Hfps5IucTAZAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 01:06:53 GMT CMPS=5165;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 01:06:53 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 01:06:53 GMT CMRUM3=0460c2b72d05a0&4960c2b72d05a0&f160c2b72d05a0&2960c2b72d05a0&3360c2b72d05a0&5860c2b72d05a0&4160c2b72d05a0&2760c2b72d0b40&2d60c2b72d05a0&0d60c2b72d05a0&2f60c2b72d05a0&0360c2b72d05a0&5160c2b72d05a0&ce60c2b72d05a0&2e60c2b72d05a0&e660c2b72d2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 01:06:53 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 11 Jun 2021 01:06:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Connection
keep-alive
Set-Cookie
CMID=YMK3LY4f45Hfps5IucTAZAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 11 Jun 2022 01:06:53 GMT CMPS=5165;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Sep 2021 01:06:53 GMT
/
onetag-sys.com/usync/ Frame 8010 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 688F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.174 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP004
date
Fri, 11 Jun 2021 01:06:55 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame D698 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 11 Jun 2021 01:06:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YMK3L; path=/; domain=.go.sonobi.com
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3B73 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://vnexpress.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
anj=dTM7k!M4/8CxrEQF']wIg2E?chM@rZ!@wnf-Te9(>wL5L!!'E]$`161; uuid2=8957257764456227477; icu=ChgIq4xjEAoYASABKAEwqe6KhgY4AUABSAEKGAi4p3MQChgBIAEoATCm7oqGBjgBQAFIARCp7oqGBhgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 07 Jun 2021 05:03:25 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 11 Jun 2021 01:06:52 GMT
Age
73790
X-Served-By
cache-lga21963-LGA, cache-fra19136-FRA
X-Cache
HIT, HIT
X-Cache-Hits
2, 404882
X-Timer
S1623373613.551737,VS0,VE0
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame CC9C 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1623373609504
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1623373609504
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4D1A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=EEBDD5F1-EBB2-432D-AAFD-E5FA459D3398; SPugT=1623373609; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&16514-CAESEMJ1DwtBaJSATL5KWfutxx8&KRTB&23025-CAESEMJ1DwtBaJSATL5KWfutxx8; KRTBCOOKIE_57=22776-8957257764456227477; KRTBCOOKIE_391=22924-5386584769435822460&KRTB&23263-5386584769435822460; KRTBCOOKIE_377=6810-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&22918-2febde62-1eb8-42a9-b25a-c98646bb342b&KRTB&23031-2febde62-1eb8-42a9-b25a-c98646bb342b; KRTBCOOKIE_27=16735-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&16736-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23019-uid:8e0160c2-b727-4200-9f59-63eef7ed5593&KRTB&23114-uid:8e0160c2-b727-4200-9f59-63eef7ed5593; repi=1; SyncRTB3=1624579200%3A13_166_55_99_234_57_56_161_8_22_81_88_165_78_5_104_54_3_220_7_71_176_233_222_231_21_230_204_189%7C1624233600%3A63%7C1625961600%3A203%7C1623974400%3A223_67_2_15%7C1624665600%3A35%7C1628553600%3A69; KRTBCOOKIE_153=19420-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4&KRTB&22979-mPFdTsz2DESD9l9PnPcTRZ7zBx-DowYYyPftWvF4; KRTBCOOKIE_22=14911-2878901784113009453; KRTBCOOKIE_1101=23040-6972336564145092756; KRTBCOOKIE_409=22966-1MOwp2Jql8R6il4HDSqfW9Mi; KRTBCOOKIE_107=1471-uid:P4eGaIiY1LRvDk5; KRTBCOOKIE_594=17105-RX-69028778-2a49-4435-bd15-78f839ab6793-003&KRTB&17107-RX-69028778-2a49-4435-bd15-78f839ab6793-003; KRTBCOOKIE_860=16335-xGFt7sqtSnFGL-NrA_vURLmcrgQ; KRTBCOOKIE_279=22890-4decd3a0-ca51-11eb-9ce3-4da383785529&KRTB&23011-4decd3a0-ca51-11eb-9ce3-4da383785529; chkChromeAb67Sec=3; DPSync3=1623456000%3A174%7C1624579200%3A221_226_235_219_227_232_201_197; pubsyncexp=1623395211556; KRTBCOOKIE_218=22978-YMK3KwABoefR0QAC&KRTB&23194-YMK3KwABoefR0QAC&KRTB&23209-YMK3KwABoefR0QAC&KRTB&23244-YMK3KwABoefR0QAC; PugT=1623373612
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106300
expires
Sat, 12 Jun 2021 06:38:32 GMT
date
Fri, 11 Jun 2021 01:06:52 GMT
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 0A2A 		498 B
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
abc1d2a1c394f0b113548fddc57625a04014ec946114242cbfaddfbf9e3ae631

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=140d6a62-ec6f-4e9f-beb8-02b4c3a06ec3|1623373608; pd=v2|1623373608|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=140d6a62-ec6f-4e9f-beb8-02b4c3a06ec3|1623373608; Version=1; Expires=Sat, 11-Jun-2022 01:06:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623373608.4|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Sat, 26-Jun-2021 01:06:52 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Jun 2021 01:06:52 GMT
content-type
text/html
content-length
316
content-encoding
gzip
via
1.1 google
alt-svc
clear
index.html
cdn.districtm.io/ids/ Frame A37C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://vnexpress.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vnexpress.net/

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
0a9a349dd4000027a072811000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
65d6f076184027a0-PRG
/
onetag-sys.com/usync/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 0A2A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2878901784113009453&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2878901784113009453&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2878901784113009453&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 11 Jun 2021 01:06:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 0A2A
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=GPffB-xuyEYCGobrdJ5nhA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
telb7cfn66stq1tm5pl98ih34r6sugn6

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5366337f-d544-e321-d5b9-dca958d09077
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0A2A 		43 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/5366337f-d544-e321-d5b9-dca958d09077?gdpr=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0A2A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=P4eGaIiY1LRvDk5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=P4eGaIiY1LRvDk5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:52 GMT
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-00d497958362b52d3@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=P4eGaIiY1LRvDk5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ads.avct.cloud/ Frame 0A2A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
0
0
cookie-sync
match.prod.bidr.io/ Frame 0A2A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADEJU7BhW4AADL850HYrg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
date
Fri, 11 Jun 2021 01:06:52 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:328
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		266 KB
266 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
1625e527be582ef5c94b52e7d798e9813ff82f986df54d43ee9b4e82e2164d0b

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1958396-2230431

Response headers

Date
Fri, 11 Jun 2021 01:06:52 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 1958396-2230431/33564392
Connection
keep-alive
Content-Length
272036
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:52 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
async_usersync
ib.adnxs.com/ Frame 3B73 		0
0
SPug
simage4.pubmatic.com/AdServer/ Frame 0968 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159941&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/ Frame A772
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMK3LI4f45Hfps5IucTAWwAABHMAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJkxKjcIBexJXRmrgrxs3M8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJkxKjcIBexJXRmrgrxs3M8&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 11 Jun 2021 01:06:53 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJkxKjcIBexJXRmrgrxs3M8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A772 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMK3LI4f45Hfps5IucTAWwAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame A772
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMK3LI4f45Hfps5IucTAWwAABHMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMK3LI4f45Hfps5IucTAWwAABHMAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMK3LI4f45Hfps5IucTAWwAABHMAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMK3LI4f45Hfps5IucTAWwAABHMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A772
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMK3LI4f45Hfps5IucTAWwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIFL9yEmcloW2HoFKOhl0Q8&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIFL9yEmcloW2HoFKOhl0Q8&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 01:06:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIFL9yEmcloW2HoFKOhl0Q8&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame A772 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:56 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-5
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
getuid
secure.adnxs.com/ Frame A772 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame A772
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=hlmN8dJe3PudXo_wgl_D-oBb16CdC9an1l_X9rKZ
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=hlmN8dJe3PudXo_wgl_D-oBb16CdC9an1l_X9rKZ
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 01:06:53 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=hlmN8dJe3PudXo_wgl_D-oBb16CdC9an1l_X9rKZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame A772
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623460013&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623460013&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 11 Jun 2021 01:06:54 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623460013&gdpr=1
pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
um
u-ams02.e-planning.net/ Frame A772 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=7365be475a47309e&uid=YMK3LI4f45Hfps5IucTAWwAA%261139
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D7365be475a47309e%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
server
openresty
content-type
image/gif
YMK3LY4f45Hfps5IucTAZAAABHMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 75F2 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YMK3LY4f45Hfps5IucTAZAAABHMAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 75F2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8e0160c2-b727-4200-9f59-63eef7ed5593&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8e0160c2-b727-4200-9f59-63eef7ed5593&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 01:06:53 GMT

Redirect headers

Date
Fri, 11 Jun 2021 01:06:45 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=8e0160c2-b727-4200-9f59-63eef7ed5593&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Jun 2021 01:06:44 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 75F2 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:53 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1623373614.517396,VS0,VE89
x-served-by
cache-hhn4058-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 75F2 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YMK3LY4f45Hfps5IucTAZAAABHMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 75F2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2878901784113009453
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2878901784113009453
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 01:06:53 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2878901784113009453
pragma
no-cache
date
Fri, 11 Jun 2021 01:06:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 75F2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=P4eGaIiY1LRvDk5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=P4eGaIiY1LRvDk5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 01:06:53 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:53 GMT
Server
PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-066a1c0b271e68364@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=P4eGaIiY1LRvDk5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 75F2
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06562204004c2ca391f4b181&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06562204004c2ca391f4b181&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Jun 2021 01:06:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Jun 2021 01:06:54 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06562204004c2ca391f4b181&expiration=[EXPIRATION]&gdpr=1
Date
Fri, 11 Jun 2021 01:06:54 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
sync
x.bidswitch.net/ Frame 75F2 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.181.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
setuid
sync.quantumdex.io/ Frame 75F2 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YMK3LY4f45Hfps5IucTAZAAABHMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:53 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q9hgIFGsLLsFUe2rBKtb1fCfuh8oxW9DoAI6bXJ9bRG1jwsYGlNAr17%2FNypA%2FJJBkWUXyS0boVOsCeKiufwVmW%2B4PMSrQ4P9Q3IoQp%2F1WIyIzIxxVfMmZ8yG2ABY6O7GZM8RAqzLnLaEIXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
65d6f07c6eee1f2d-FRA
content-length
43
cf-request-id
0a9a34a1be00001f2d51ade000000001
SPug
simage4.pubmatic.com/AdServer/ Frame 7BE5 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158804&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Jun 2021 22:32:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Jun 2021 01:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		269 KB
269 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
05f3b9054b82010ee9a20b62e4a6c844de35e2e50f1d88544c72d1cc31202d16

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=2230432-2505475

Response headers

Date
Fri, 11 Jun 2021 01:06:56 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 2230432-2505475/33564392
Connection
keep-alive
Content-Length
275044
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:56 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 7EFD 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:12:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30399
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Fri, 11 Jun 2021 09:33:34 GMT
khaos.jpg
token.rubiconproject.com/ Frame 7EFD 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ 		262 KB
262 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d0ef65994f902570cc0e1e3afbc84bb0be54d4931149a45b34353eeda616900c

Request headers

Referer
https://vnexpress.net/
vdoai
true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=2505476-2773751

Response headers

Date
Fri, 11 Jun 2021 01:06:58 GMT
Last-Modified
Tue, 02 Mar 2021 06:16:32 GMT
Server
nginx/1.16.1
Access-Control-Allow-Origin
*
ETag
"603dd840-20026e8"
Content-Type
video/mp2t
Content-Range
bytes 2505476-2773751/33564392
Connection
keep-alive
Content-Length
268276
161466572356603dd7fb31a1a.ts
h.vdo.ai/uploads/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.vdo.ai/uploads/videos/161466572356603dd7fb31a1a.ts
Protocol
HTTP/1.1
Server
144.217.254.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
range,vdoai
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.16.1
Date
Fri, 11 Jun 2021 01:06:57 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Content-Length
0
ptrack
a.audrte.com/ Frame CD2E 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.156.174.4&p=M1353665098&artime=2021-06-11T01:06:58.485Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGYWRzLnVzLmUtcGxhbm5pbmcubmV0JTJGZ2V0dWlkJTJGMSUyRjVhMWFkNzFkMmQ1M2EwZjUlM0ZodHRwcyUzQSUyRiUyRnJ0Yi5hZHhwcmVtaXVtLnNlcnZpY2VzJTJGc2V0dWlkJTNGYmlkZGVyJTNEZXBsYW5uaW5nJTI2Z2RwciUzRDElMjZnZHByX2NvbnNlbnQlM0QlMjZ1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dXNlci1zeW5jLmFkeHByZW1pdW0uc2VydmljZXMv
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7a864431ec20f276a8f8d6300379b9394d293edf080a4e47f2c7f8ffc98d382c

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/ Frame 6090 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9ac2998d4e99833ab4417e5b48647d75425a4ea0cb625e0b6ad6f4b5303bb809

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_dc=1; _cc_id=5fcf193cb05933b0b37be3d61ca814ec; _cc_cc="ACZ4XmNQME1LTjO0NE5OMjC1NDZOMkgyNk9KNU4xM0xOtDA0SU1mAIKEQ9u1QDQUAABjzws6"; _cc_aud="ABR4XmNgYGBIOLRdC0hBAQAZjgIE"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 11 Jun 2021 01:06:58 GMT
content-type
text/html;charset=UTF-8
content-length
1100
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.14.249
set-cookie
_cc_id=5fcf193cb05933b0b37be3d61ca814ec;Path=/;Domain=crwdcntrl.net;Expires=Tue, 08-Mar-2022 01:03:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQME1LTjO0NE5OMjC1NDZOMkgyNk9KNU4xM0xOtDA0SU1mAIKEQ9uNfvz%2F%2F58fxIEAAMc9D0Y%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 08-Mar-2022 01:03:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBIOLTdCEhBAQAZ5gIM";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 08-Mar-2022 01:03:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame D5EC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://user-sync.adxpremium.services/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://user-sync.adxpremium.services/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 11 Jun 2021 01:06:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame D5EC 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:12:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30396
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9302
Expires
Fri, 11 Jun 2021 09:33:34 GMT
khaos.jpg
token.rubiconproject.com/ Frame D5EC 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
tpid=56268590373764666021564210384092450508
sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/ Frame 6090
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=5fcf193cb05933b0b37be3d61ca814ec&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=5fcf193cb05933b0b37be3d61ca814ec&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=56268590373764666021564210384092450508
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=56268590373764666021564210384092450508
49 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=56268590373764666021564210384092450508
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.200
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=56268590373764666021564210384092450508
cache-control
no-cache
x-server
10.45.23.198
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6090
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM&google_tc=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
image.sbxx
global.ib-ibi.com/ Frame 6090 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=5fcf193cb05933b0b37be3d61ca814ec
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.183 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
usermatch.gif
beacon.krxd.net/ Frame 6090 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=5fcf193cb05933b0b37be3d61ca814ec
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.215.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-215-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:58 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1623373618
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
qmap
sync.crwdcntrl.net/ Frame 6090
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=025a60c2-b732-4f00-8d33-39827f723ec9
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=025a60c2-b732-4f00-8d33-39827f723ec9&ct=y
49 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=025a60c2-b732-4f00-8d33-39827f723ec9&ct=y
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-130-56.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.249
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:58 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=025a60c2-b732-4f00-8d33-39827f723ec9&ct=y
cache-control
no-cache
x-server
10.45.6.146
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6090
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=5fcf193cb05933b0b37be3d61ca814ec&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=5fcf193cb05933b0b37be3d61ca814ec&gdpr=1&gdpr_consent=
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOfSdc2TZhiq9MosKO-oOw_J1I-yJnKpwJMqWctg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F8%2F2.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/8/2.gif?puid=2913728097660396619&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F7%2F3.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=4ddcd062652e29595f574e9d9f7d580a&redir=https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/7/3.gif?puid=$_BK_UUID
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOfSdc2TZhiq9MosKO-oOw_J1...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM&google_redir={xENCODEDURL}&id5id=ID5-ZHMOfSdc2TZhiq9MosKO-oOw_J1I-yJnKpwJMqWctg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM&google_redir={xENCODEDURL}&id5id=ID5-ZHMOfSdc2TZhiq9MosKO-oOw_J1I-yJnKpwJMqWctg
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=766769391/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20user-sync.adxpremium.services/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Jun 2021 01:06:59 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NWZjZjE5M2NiMDU5MzNiMGIzN2JlM2Q2MWNhODE0ZWM&google_redir={xENCODEDURL}&id5id=ID5-ZHMOfSdc2TZhiq9MosKO-oOw_J1I-yJnKpwJMqWctg
cache-control
no-cache
x-server
10.45.23.198
content-length
0
expires
0
cookie
cm.adform.net/ Frame F854 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://user-sync.adxpremium.services/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 01:06:58 GMT
server
nginx
content-length
43
content-type
image/gif
pixel
ps.eyeota.net/ Frame CD2E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:58 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame CD2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=&google_gid=CAESEOO4nYTboUSvDj6AGUTbvjI&google_cver=1
  • https://a.audrte.com/p
68 B
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:59 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 11 Jun 2021 01:06:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame CD2E
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1183718136248669296
  • https://ps.eyeota.net/match?bid=kh51m51&uid=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 11 Jun 2021 01:06:59 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Fri, 11 Jun 2021 01:06:59 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
syncuser
adp.vnecdn.net/ 		0
0
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CZ&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=46052&t=1623373606&cip=185.156.174.4&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=4&aafaid=&proto=https&uid=1623373606425-943677653332-008752-015-002268&cha=0.7&stagid=&stplid=&cb=40363733693&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.241.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 11 Jun 2021 01:06:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.eclick.vn
URL
https://s.eclick.vn/delivery/eclick.js
Domain
s.eclick.vn
URL
https://s.eclick.vn/delivery/dfp/dfpbrand.js
Domain
s.eclick.vn
URL
https://s.eclick.vn/delivery/dfp/prebid.js
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Domain
s.eclick.vn
URL
https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Domain
s1.vnecdn.net
URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1768/v3/production/blocks/site/1000000.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
logperf.vnexpress.net
URL
https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1623373560000&timecookie=&timeclient=1623391603000
Domain
ureka-d.openx.net
URL
https://ureka-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvnexpress.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=41d2fdec-3461-43e3-bb36-fc2ec518346b%2C8d9df9d3-2e6e-47ff-ad87-c5b2d5b74d79%2Cd000bd80-ed02-4fbd-a40a-575a620da418%2C0cf6216e-6f19-4650-a6cf-fb0a0124fb45%2C0188fe9d-7da6-4358-bda3-cfe098c03de2%2C1c5f122e-1c32-4c64-8d41-eace11a0afa0%2C611519ab-1f5f-4d25-863d-f3b4a2ddd46c%2Cd0a58f99-210b-41ed-984e-2fd4855720aa&nocache=1623373604659&aus=1920x270%2C970x250%7C300x250%2C300x600%7C300x250%7C300x250%2C300x600%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250&divIds=%252F27973503%252FOV.Vnexpress%252FDesktop%252FMasthead%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge1%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge2%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge3%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage1%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage2%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage3%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage4%252FHome&auid=541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412
Domain
ads.adaptv.advertising.com
URL
https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=3373606549&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=185.156.174.4&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=50.08040&lon=14.50450&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21871596757%2FANI-vnexpress.net-Web&description_url=vnexpress.net&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3412525124727361&nofb=1&sdkv=h.3.464.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2089706068&sdk_apis=2%2C8&sid=C0689FEF-4076-4F57-B22F-D4EBA87810DC&url=https%3A%2F%2Fvnexpress.net%2F&dt=1623373607663&cookie=ID%3D2c064322724f0633-22d809655dc8009b%3AT%3D1623373606%3AS%3DALNI_Mbh-e6rZwalq0SZo7K1_dL8jdjNEQ&scor=2858451579320653&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107863627%2FANI-vnexpress.net-web&description_url=http%3A%2F%2Fvnexpress.net&tfcd=0&npa=0&sz=400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2578741950923054&nofb=1&sdkv=h.3.464.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3982581209&sdk_apis=2%2C8&sid=58A61311-994F-42D6-B7AE-B93C2BCB3653&url=https%3A%2F%2Fvnexpress.net%2F&dt=1623373607689&cookie=ID%3D2c064322724f0633-22d809655dc8009b%3AT%3D1623373606%3AS%3DALNI_Mbh-e6rZwalq0SZo7K1_dL8jdjNEQ&scor=3957104845289677&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Domain
adp.vnecdn.net
URL
https://adp.vnecdn.net/syncuser?fosp_aid=fxuh9ku3npevl2ct.1623373603.des&orig_aid=fxuh9ku3npevl2ct.1623373603.des&myvne_user_id=0

Verdicts & Comments Add Verdict or Comment

381 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| supportLS undefined| tsFolderApply undefined| tsFolder undefined| swapZone undefined| swapGetStorage undefined| swapSetStorage undefined| swapGetRead undefined| tsID undefined| tsIDCommerce undefined| tsIDCommerceID undefined| ts undefined| tsClone undefined| swapAction undefined| readed undefined| editorPositionChange undefined| editorPositionPrev undefined| readedInTS undefined| r undefined| shuffleZone undefined| h undefined| tsReaded undefined| tsNew undefined| k undefined| postionReaded string| c undefined| p object| v undefined| articleData undefined| stt undefined| articePicture undefined| sttSelector undefined| _itmSource undefined| o function| appendTracking function| trackingLogoHome number| site_id number| SITE_ID number| PAGE_FOLDER number| PAGE_DETAIL number| parser_autoplay number| PageHot number| topic_id_selected object| d_gat string| _siteId number| blockAdsTop string| uservar_token string| uservar_fosp_aid object| dataLayer string| GoogleAnalyticsObject function| ga function| addScripts string| cacheTimeUpdate boolean| isValidateCachePage string| cookieName function| getCookie function| setCookie function| unixTimeWithTimeZone function| validateCachePage undefined| runScripts undefined| insertScript undefined| cacheData string| myvne_js boolean| dontSupportES string| lazyPrefix string| lazyKey object| registryArea number| inter_version string| ZONE_BRANDSAFE string| interactions_url string| base_url string| css_url string| js_url string| flash_url string| img_url string| js_url_vne string| css_url_vne string| img_url_vne string| flash_url_vne number| device_env string| eid_authen_url number| ZONE_ADS boolean| isResizedPhoto number| site_id_ads string| list_folder_show_pvtt number| cacheVersion object| googletag object| pbjs object| Criteo object| googTagCode object| script_tag string| fallback string| ua boolean| isBot string| revisionCSS number| ES6 function| loadFontsFromStorage function| loadFontsAsynchronously function| fetchSVG string| revisionJS function| fetchCat function| loadCSS object| list_box_gt object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager object| scriptFooterArr function| scriptFooterIS boolean| lazyReady object| _eaq function| ym object| cdpFpt object| adAsiaTM function| onYouTubeIframeAPIReady object| JSON2 number| adblock function| ufo8 object| foptTarget object| optTarget object| _paq object| PiwikNew function| piwik_log object| cookieMatch function| callback_ea object| _logAdp string| la_pageview_id function| _classCallCheck function| Sticky object| adAsiaPGTM object| publiftIDS object| adAsiaDataLayer object| google_optimize function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| vn_keywords function| postscribe object| google_tag_manager_external object| zones object| gptAdSlots object| map function| renderLarge2 function| findDPS object| fusetag object| b object| a object| Ya object| yaCounter62978707 function| $ function| jQuery number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent object| sas boolean| sas_blockAddtlConsent object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode function| pbjsChunk object| _pbjsGlobals boolean| isScriptLoaded object| fusePbjs object| timerPageview string| fosp_location_zone object| adsbyeclick object| prebidConfig string| f string| tagCode string| pb object| f_opt number| page_folder function| googleDisplay function| mobilecheck number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error function| fusePbjsChunk object| lazyLoadCondition object| lazyLoadInstance object| catConfig object| categoryCustom object| menuCustom function| Hls object| isMobile object| enDic object| viDic object| selectDic function| AdObject function| parseAdsParameters function| convertTimeFormat function| moAdSlot function| getStorage function| setStorage function| validateXML boolean| isHome number| cycle string| log_url object| Video function| videoSuggestionProcess function| videoVODLog2 function| videoVODLog function| errorVODLog function| getCurrentMode function| getBrowser function| pDate function| createDiv function| addPreloadLink function| preloadNexFragment function| checkBuffer function| preloadNexFragmentCallBack function| fadeInVolume function| fbAsyncInit object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| retryFetch object| JSON3 function| setImmediate function| clearImmediate function| normalize object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| SimpleScrollbar object| $jscomp object| CmtWidget function| Zepto function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| defaultDomain number| cookieValue object| myDate boolean| isMyVne boolean| isIone object| myvne_users function| MyvneCallback function| closeMess function| $jscomp$lookupPolyfilledValue function| renderComment object| data function| covid function| parse function| byDay function| drawSparkLine function| parseHTML function| getMobileOperatingSystem function| csvToArray function| importScript function| Html5HlsJS object| hlsTypeRE object| hlsExtRE object| HlsSourceHandler function| videojs function| html5Tech function| fadeVolume object| vttjs function| WebVTT object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| aniplayerPos object| criteo_pubtag object| criteo_pubtag_prebid_109 object| Criteo_prebid_109 function| avPlayer object| storageAni string| code object| iframe object| innerDoc object| GoogleGcLKhOms function| $321 number| google_global_correlator function| uk_check_mob boolean| is_mobile string| path string| host object| arrPath number| index_url object| closure_lm_917104 object| closure_lm_699279 object| google_image_requests undefined| moatApiInit1623373607364 number| browser_not_block_ads undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA string| prop object| callbacks object| time object| vdo_ai_ object| _google_rum_ns_ object| google_persistent_state_async function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google boolean| vdoHlsUrl function| initVdo function| vdo_videojs function| pbjs_vdoChunk object| pbjs_vdo object| closure_lm_35227 object| closure_lm_566367

1 Cookies

Domain/Path Name / Value
.vnexpress.net/ Name: device_env
Value: 4

13 Console Messages

Source Level URL
Text
console-api debug URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js(Line 29)
Message:
-- ATM info -- Performance check: 847.196044921875 ms
console-api log URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19)
Message:
/27973503/OV.Vnexpress/Desktop/Richmedia/Home is Empty: false
console-api log URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19)
Message:
/27973503/OV.Vnexpress/Desktop/Large2/Home is Empty: false
console-api log URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19)
Message:
/27973503/OV.Vnexpress/Desktop/Masthead/Home is Empty: false
console-api log URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19)
Message:
/27973503/OV.Vnexpress/Desktop/Large1/Home is Empty: false
console-api info URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17)
Message:
Powered by AMP ⚡ HTML – Version 2105281634000 https://vnexpress.net/
console-api log URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Outstream_passback_Avantics.js(Line 2)
Message:
,
console-api log URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Outstream_passback_Avantics.js(Line 6)
Message:
category page
console-api warning URL: https://a.vdo.ai/core/assets/rtb.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=0l2S7-g6u5NR6OaO-Zh0CKFfg&gdpr=0&gdpr_consent=|https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent="}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7048723870ab7ebb8d346fb83aece4b0.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a.vdo.ai
a01a439e6ee0b9dc5f58459ddd2e605e.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
acds.prod.vidible.tv
ad.360yield.com
ad.turn.com
ad4m.at
adp.vnecdn.net
ads.adaptv.advertising.com
ads.adpone.com
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
adservice.google.com
adservice.google.cz
adservice.google.de
ajax.googleapis.com
analytics.google.com
analytics.vdo.ai
api.ipify.org
bcp.crwdcntrl.net
bd.urekamedia.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
c1.adform.net
casale-match.dotomi.com
cc5b498521e182e8f0b783e0dc349d2c.safeframe.googlesyndication.com
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.connectad.io
cdn.districtm.io
cdn.fuseplatform.net
cdn.hbplatform.com
ced.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
core.polyad.net
cs.admanmedia.com
csync.loopme.me
d.turn.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.rtbsrv.com
dmp.theadex.com
dmp.urekamedia.com
dmp.v.fwmrm.net
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-ads.adpone.com
eu-u.openx.net
eus.rubiconproject.com
fd9a5d7e6722de8e0614bee05cf8e7b9.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
g.eclick.vn
global.ib-ibi.com
go1.aniview.com
green.erne.co
gum.criteo.com
gw.vnexpress.net
h.vdo.ai
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js.cookieless-data.com
la.vnecdn.net
la2.vnecdn.net
loadeu.exelator.com
loadm.exelator.com
logperf.vnexpress.net
loopme.me
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mc.yandex.com
mc.yandex.ru
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
octopus-stream01-cads.fpt.vn
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.moatads.com
rtb.adpone.com
rtb.adxpremium.services
rtb.gamoshi.io
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.e-planning.net
s.eclick.vn
s.tribalfusion.com
s.vnecdn.net
s0.2mdn.net
s1.vnecdn.net
s1cdn.vnecdn.net
scdn.eclick.vn
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
solution.urekamedia.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.eclick.vn
stats.g.doubleclick.net
storage.googleapis.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.aniview.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tag.navdmp.com
tag.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.vdo.ai
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
trk.vidible.tv
u-ams02.e-planning.net
u.openx.net
ufo.approximity.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
ureka-d.openx.net
us-u.openx.net
user-sync.adxpremium.services
usermatch.krxd.net
usi-saas.vnexpress.net
vcdn1-giadinh.vnecdn.net
vcdn1-giaitri.vnecdn.net
vcdn1-kinhdoanh.vnecdn.net
vcdn1-sohoa.vnecdn.net
vcdn1-suckhoe.vnecdn.net
vcdn1-vnexpress.vnecdn.net
vdoai-d.openx.net
visitor.fiftyt.com
vnexpress.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
adp.vnecdn.net
ads.adaptv.advertising.com
ads.avct.cloud
ib.adnxs.com
logperf.vnexpress.net
pubads.g.doubleclick.net
s.eclick.vn
s1.vnecdn.net
securepubads.g.doubleclick.net
ureka-d.openx.net
www.google-analytics.com
www.googletagmanager.com
1.55.119.34
103.132.192.30
104.109.78.125
104.16.68.69
111.65.248.197
111.65.248.227
111.65.249.130
111.65.249.131
111.65.249.224
111.65.249.226
111.65.250.2
111.65.251.2
125.212.217.46
13.248.242.197
13.58.174.102
142.250.185.130
142.250.185.66
144.217.254.84
151.1.205.165
151.101.114.49
151.101.13.108
151.101.13.44
159.253.128.183
159.65.196.12
162.55.3.17
162.55.6.213
168.119.149.178
178.162.133.149
178.250.0.165
178.250.2.151
18.158.181.33
18.197.54.206
180.148.129.21
180.148.132.197
180.148.132.75
180.148.141.233
185.183.112.155
185.29.133.58
185.33.221.90
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
185.64.190.81
185.94.180.125
193.122.128.135
198.148.27.140
2.16.186.32
2.18.233.180
2.18.233.201
2.18.234.21
2.18.234.233
2.18.235.40
2.19.35.65
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.100.17.174
212.82.100.182
213.155.156.166
213.19.147.43
213.19.147.44
216.46.185.183
23.79.143.202
2600:1901:0:98f7::
2606:4700:10::6816:37ce
2606:4700:10::ac43:db6
2606:4700:20::681a:a19
2606:4700:20::ac43:47f1
2606:4700:20::ac43:4a81
2606:4700:3030::6815:593f
2606:4700:3033::6815:2384
2606:4700:3037::6815:18da
2606:4700::6810:bf3
2606:4700::6812:d05
2606:4700:e0::ac40:621d
2607:ae80:5::49
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:82f::2010
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a00:7c80:0:121::2
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:28a::2c79
2a02:6b8::1:119
2a02:fa8:8806:20::2010
2a05:d018:24:b001:d120:1359:acbb:2de6
2a0b:4d07:102::1
2a0c:5c81:5139::2
3.121.27.153
3.123.110.9
3.126.56.137
3.219.93.236
3.66.135.160
34.192.164.183
34.193.191.157
34.236.65.196
34.237.161.69
34.239.198.206
34.249.223.226
34.251.130.56
34.98.107.212
34.98.67.61
35.171.241.0
35.186.253.211
35.201.81.244
35.201.96.126
35.210.53.219
35.227.248.159
35.244.159.8
37.157.3.29
37.157.4.41
38.27.122.158
38.91.45.7
46.249.52.249
5.178.65.245
5.178.65.252
50.16.226.23
51.158.29.13
51.210.112.236
51.89.9.254
52.215.215.228
52.29.14.143
52.49.40.147
52.56.111.113
52.57.10.248
52.57.141.238
52.94.232.32
52.95.118.60
54.170.210.188
54.195.94.143
54.247.114.64
54.36.109.155
54.39.16.115
54.78.254.47
62.149.0.72
66.155.71.149
69.173.144.165
72.251.241.196
77.243.60.138
85.114.159.118
87.98.128.108
88.212.252.2
88.214.206.142
89.163.159.102
99.86.241.58
010d9ca6cbe766f0f4f717826c03fc6ef993af8e20822db77c4bb58c3a518a85
029b5be677d8f08575523fef0376bc0f9ab1a67c9a88d9482ae2f7f302c15bf1
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231
0396d073f8e5cf0819d22a3b03cc97a4dd4db494976b2354d7f10b808c6bff34
041364c2eaa14402c5d37ff2827d22d05ed11152dab24801e8cdff2a0588a3c7
05f3b9054b82010ee9a20b62e4a6c844de35e2e50f1d88544c72d1cc31202d16
07bcfbebdba3f802bc9489847c3334fd5269b753d2390c9ff67e022c68255464
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
094c1111eeb737673d376e2598c9abfad2c1dadeab91522940bbf5d2ff512a72
09a94a6766698954177170f246d8e56002419131769f7afe90df419e1b7f84bd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c84cf92322d1cced22a12ae95bb96fb0758c950f9fde7476934ec5915787005
0ca47478b43c46bddeff5622f7a49f723a6e3b560b849bf1076308e8c29222e5
0d3d3d99ec2d1da823e792b3024b24ae723c89a29d46d9cffe4b1d4ba935c0da
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f9ca520377230106e92f725609bd6d82525b36a9cbc3fb4125fe7c083413769
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
1099887444e81ab189fd60a517f0142587416f66f3052324c7a49099601706a0
11778fc5384adddcc1f2d18fed68eef023b4067ae38432334ce94ed858088665
119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768
13791f74085348e02137240ad8a3fa0f5b85c92c2b04867b064f2e8bda4733a0
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0
1625e527be582ef5c94b52e7d798e9813ff82f986df54d43ee9b4e82e2164d0b
16600b031f7e2e59efe4b96a23e07fb4a56b411833e73070c1c8b60bc7116cf5
177ebb35a735e9e11c5eb72933843b73e5625ef2dadf80f1a32fefd0817f00d7
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1e9afa0ade5eafa3131a4eb1b524658d684cfa8c84028b9083f1d6f39071d097
1f5c37d4957cd70f74f9db7b782be34909970e433bf4d2eb85d97b04bb89e88c
1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2158f6295fd6de1f85e8230b955e5707d717af210d28722ba3f194e9a07f5b12
224836d41fc5b01fb0cca2cf0680ed0554281410de0630b69fa492654bf2fd22
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d
239c953d2fa7b27207f1840a11cb93dec7ce0c49a71a9729f511662b5be9753b
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
253e39dfca65dfd3662eef68dbb38575cfaeaebfdc479ac4c2ddc16d9ac803a0
2660b79db5a096e34a0be96461599f4e73e044fc1605936ef3bdf30cef1154db
27610fd6dda8a79497ba1e3828c838ef01de6e898813020324bf1248ac5271fc
27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559
28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
29bdfdc0a7ced1bb9fe2ef4ef8ed398fda68230e32ce738ca2dbf4b62d0b7545
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bcfd666de44d15622d077fdb8bafb5bc9d44bf361734774517a0b645845b7d2
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d6cd0b1b71fe98fadc892f373ca3bb5b944af92b88c217c77eef230dff533c5
2da11667e58e95ebe2ae796b3dadd0a6f9f7e396f2c0cdad994943b05650d7ec
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8914e6dd92c219070cdde625d806573b173fc3940952916fb175478f4086b2
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2ee59d38a0b6e22516ff9096fd0508ce0f7a371cbfecbc0fce155d596f6b1100
2f35b8d4226543a73f9d27d49fa952120af16bd60cda49342480bf73380f1c88
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3025c771b0e5d02ae41131f2d026f505732c7c9b9411fecf1f2a265befc4611e
306992531af884f2b6b9f2225ce9b8d7bde2de547318db0f2ae954375abd93ab
310643e1c4ce188602ab77ca57e727934c1d8b17554f9a29de28005ad23625fe
327a47c788480c9218317e7b9319654949d9c81fbe83b939de78976f0c54bf0e
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33fb41d35aefbc4e339e6adfef2b1df1f71781071fdcf872d9635c54d415fd41
342d0d162896254b4aab352892144b14059f2660ccd3ee440ad5f2acd6340da7
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
35ff101a93a8fc0f7e275bb3f413eabdf7626d7378035cd4118f9a36244dd410
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36cc442f0b710c2211d58862d342f493eeed296054819ff819dcbc241838b757
3790cbf905ad6e0d7a40201d4bd88b27abfe3ca257021514448238ab76048f02
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3835fee216cae83b87ffa3b38bbdafb098b465f0d4b51944c1c31b7b3ccbc4d8
386a97504e4c614c13ab722494bddd53cfa47c2f078cf374a5ec835bd37ff5c6
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3b9cd6acc4156213e43f68d0cadc72e4791e9c605084439207a3cc6de146bd01
3d03a95be8e5be9ae60bed968907fccbb64eb0190e8c85ba668b928b501e13f5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40413613e174b4a82cbf34c5a985a8415314c391d54fcc036a237fa65ebb8a15
4058b5f40b738fec397114829f6de02dbc2617699081d8ed644b7abad6cc7345
419c28a2c1d6b35d0fc6ffbe2b6632bcd02e01b79be1cfa3ea624d17b7ab773a
42ca0818657afad8f93b95bde68d46220e2f9437f4f93f1d7a0ef22697becada
434762a76dfd6af3bdeeb1f2de8dad923633467deb93e7c15ac71cd87e5b99df
448bbb82769ac61ff51ab6584fce6baf1cd44e60927c21a35106b2fb8c48475b
454bf94f0aa5a953934e691ba3d56b3ebbf11756574856404428f24727ef3fb4
45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43
464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba
47e46f426dd625027d7377f8ee62113bec0b6e8b39c2987a82d291a6d37bb29c
47f377c3555535581c28d43c044f2b5395b53273142b865b7f1e1fc0dc4e17c9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b213bc6161490d20ce4607a2f578653dbc6ab6fedf2c155c49469e561bc2070
4b9567f947e6f537c8c6858b78d5f31598d63aeb8e9013709494ce3a22fca803
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
506c98450840987a8c887e24ccea34e9893af345d7df8aacedbe9aa5085f594a
50f279761c523938ab4343556f143bb1ac4bd3874aa2c4e95b6d3b4ae5f5fab6
510b0974ca6692dc3a22902492bd0913c7b201d63bff9c35f5099ea74a018219
52c93e3062d05ac961d93f0dcb33e826673778109ee29bb1c3ec82e3ccddcde3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5510a24a68541fae68f7e5be52a61e9f447de8ed9ac5f11ea5fa17e7395877bd
57b34107b8f7999e55b91489c92d84cb8b966dc48efaf173ea6e3333b39ef1c9
5869b042f014f2d4e765b8b4b0814979a2d9677614df1336782ab54aa962bd43
59989085c1a3b8a2f0dde501b5226f26af844f4dbf7b5596790aa10db5fafa80
59edc5d7fe4bfb5de8ffd5a3f130d3130364d1c8a3eae58eccf1992f28e97f87
5a2a2f24c639410a4fd5c593bf36a582f6b0dbf810820169205564a6fa4d689b
5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7
5b17c23278ae0ab76fb2b6ab5307cf419799906e3b5701f6a21597c3e3dec77d
5b69cf62e19fbb21159314d29076e81d8cfc025c27dc7da0b48384c7f93c425e
5bccba449f381b293246b8e45d6c3598c8833eeae555a26d01a61a3ca95b6c09
5c72a0385dd3de1a3b9408c21fe294dd7a7e1b5c890c9f8d591758bb501c307b
5eb763740d8b0da04a2b24ae137d482593148ba1aa6110291309e57597d9e14d
60db5803979fb5421405dc7aefa50e13ab40291b930155f3df513858fe530043
61788ab6e5520e7be2f63cbfd958f5f31aadbd8c887c8d44a6d77f06e5f83c1b
6419c8923bcd1a5e445edcbc8b321f47851f1df786aae1b8a337d75d47c79702
65eb49afbd07314a1a4cf6051900abfe1223e12a239850cfac13825aad060639
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68d2cc4486c92a0541f96c95d990873464c25dfc943cc9eb573b60b32044f673
693fbd0ab5fc53069137459b79a060d087dc2a1ce0c5e13277297799a38ce621
6a454bcc9437ff9876a65a7b2a8d26d2f02eb845e1ac2800b6fa5bc64f0ff39f
6abc2434abfe8bbfe104529364729f23d4de16bcf260ff1513d6f6a1937d3fa1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f3ef15a05a6c449824a234c7e657aa77abb0830fd22dc552c9738a039ff0443
713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017
720c489cf3c99750479c3f665efaf1da3521b5487807fd46e85352726eabdd3b
722421dd28b15ea3fa535b59e3be42d770357b16758b77e0c883a485ca2fc29e
7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
74fa59feb45b26f79a6bded627c5101766dfdca4211c58c4bb83ec4f33b9f40e
750759df166f9a8a921c974710f98d37d359afb542fb9b6fd73cac7b0986445a
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
75ace966726add1583567ab2520409b8f0518c16bda739e5e736450a02c1458d
765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d
767c43e9a6452ee93f57eccbe8f847745bd6f3c358418837ce7c81fce59e152a
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7769c9b4112d1e148c888f982320cf2aea0f57caa002f26ac5e13138920b66a2
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7a864431ec20f276a8f8d6300379b9394d293edf080a4e47f2c7f8ffc98d382c
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8327b8e8cf877b87688ffc35ac6117b1632c0916e128ee022a8a97a8f53017b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83556e374a8532bd416337334025d17a893977ba869925e7a6d027e89ca8ee0b
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8780b1a6e2364266ca186c7cbf8bdaad698cfebb84d63f8d19d5de3744b442cf
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da016b06200293e16824fc3902a1635bdb162d8993a6033c7fb044f0b52c2b3
8e243c93e05650e30b9a0452a43e0a2a36010ccffa590c96c2917a2f518e715c
8ee9cda94cba89922d98afd5814c8c5502f71ff2ae88235d9ffaacd3c00f7f6e
8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1
8f32cf48f76572cff6f8a4d3b625fe0cb6d636171d62f36c4efcabe35d8c64e4
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae
924c1858e7c0e8ccd848ff5842d73f4fe5f1ba197a8dd245b62e76980f0636d5
93845c8e01fbf1e9111c164cd508bff9480567310557e22686d876037ce82c44
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
95346e98c3799b0a4dcbd652c9cbeac6b95ac0c6f065134bfe81a81497ccdf44
9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c
98299e7fdaea04de37a4a123fd9cef3055d82d786c7d1b31aac0f5d695c81143
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99dbb9172793f46b0040538838e27cbd9126db6df8dc890c486747d6b00c8ade
9ac2998d4e99833ab4417e5b48647d75425a4ea0cb625e0b6ad6f4b5303bb809
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9ec1653dde6d914ae835ee438a1b98eff4dbdac3417c47d55fbb6eed630ef2a7
9f04075a8f74c386680f9f68ddfa07f4d237f2d12453e5b438adefaac9f8d1fd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a12927b85c095cc89c174883aa90c0237337f596166dd9ba33753bcb8d1d0bbf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fc849a380369d205028b7c6e076f934e44c34b8245f0ca3c4055bce9e556e6
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
a5eb51b5d415cb723251bb4fe4632e82437a176a51152f071d3cec99e1ba99df
a6fd348793c16aaf8ad37966e528325582aad94ffbe93729bc6ab51fe9c639f5
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78c4567f3c559f0c9cf1b697ca875fbe45d0abc9534e3fbecf4226d73304bc9
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa0d9012f20be3af5983d14a5107e2d2c0d60b1f4f6a13a14d53f6e3b8cc84ba
aa643a5b66acbe2786ef53b666e30d03dc07944b8bbb2aa1a19a7b55c81f0691
abc1d2a1c394f0b113548fddc57625a04014ec946114242cbfaddfbf9e3ae631
ac343b25f7d83b692cef6d00c10063585d5ce700dc20732ced701de9d643b043
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
aee499367f84b43aedd97a2eef055e2892bf736b579ee47e0b39dad9ce2f781c
afb24970f48d7aae6cc543dfed6a1a3df272e2dea2d013eea31110d83db82a19
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b290faf8254387bdc79ff5096d2e13ab4420efb6f4b369325caed85fdd70543c
b476050bd16f18678b3061ad5e0a1181fce5592005cd9f2e632f97bf677de83a
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
b5a03eb067faca6c52c15bbadbea7037cef24580119560fd2307d1fe0b01ecb4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfab80d791a853415a874777184fa442df7d5f61e4da3171bfb5278e16cc6bf
bc9d5e09558279565ec0682c25b6e19e7ba308333de0d5f4b50ca21e8dc6ce83
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bdc5b6285200a4ad876a007b56df59a28638bc6462711033260101d5184f6bc8
bfd4123ab2a2a83c90fd333cd848570b353105c9764cfdecb729db92849fe21b
c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581
c1aaa55814285881f3a1c66c81ffb6dc823f9baf956b4cdc424b7c33abb306af
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ed4ecefc330034306015d331ef8c362cad5198df653f7e323966e1b329043
c34427a72c83454517d14b31a7ad99d35cd96bd62c69e8e68aa06de14b6858fc
c40a16e0f41f6e30f803e859e3f825d987e1a66a0081f7428697268c47ede09d
c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710
c5018d4b7000cc685a9a98a4b4ff1b1c60c365718bc9d839215373d78be23b50
c6754c3241a18169afee078352f5e11c9c8eec97b9e2fb173f541ce2d07dd210
c6c70bed7988058d1392f5087760bdd959376ef56d9321a0b2c38fa06ca1b1b9
c77a25dbbade2ec24c03f4324157444e2a05ded901bc13176ce3b9fe559718b2
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cb05db2074e85effa58188f0ca4f09827c0aec1d6d1ad0e320495029f31209ba
cb17305d1e2a40e9ad673aa940019676c4a200753ec1b71b50513d6fa73732bd
cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8
cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0ef65994f902570cc0e1e3afbc84bb0be54d4931149a45b34353eeda616900c
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d54b99754769e4c871583c276d4fae52d6fe493fa188ac09027a9deec6c46c7c
d7a18af60149d105e1df041653f4306ba534e6d39ec10c1886ee31644e9306a6
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
da08e3c9ffa013580c65b3b8da2f39f3f866a96408b3df35e7d343d149899847
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
daebd145157d7ca1556565519c6dde0a2a5a83987996cf8c6a485b1177a48483
dbeab631703e1b23d7decf6db30a400d75bf9e828200079453fe68ea0b7cbfda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9d86263e6d1919435eb92f4d26e08fc4a71fa01cb1b8210f06e8697bbaf0da
de172aa4488f78ff6970fb9d8f7b9ae9130312c7ffb49d2e18647f9d563cf464
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e6f2aa870878e958ac32046864decbef2b2dfbbc6ff7461b41e5d8d9cd653c04
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
eaa270639e4720dbc0aebcb4fab01fda29fd2558d40a43b371c5277c04085239
ed2746ea3b16938fb6bc3ac5543c6c97cb979480aa3f594b669095468649c157
ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc
edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09769d783a6f6cd0be02b874c4b7fedfbafbc50b7bfc3438725c459cb127961
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f147d51ca1828989e34d52c0f1353fa5de941a990f82a06635c541276cb3f7d2
f4502544b0f9392899bbadbe1a27f5bbfbb61062e923c62ade252fd6f06c4cf2
f4a1f2dfe79b751c36aca5e01379145e3842614d4363b6384267f0b514abd133
f63578aaca44c74ccd2433797e68d584d2bd4700b5364415361ec36dd664b476
f68f022727f62a1ab9f65add90c9cd182ac485636a913b0a7b2bf373298e3ccd
f797dbc5fa904abe1c9d677401ae6cc44dd102c65466222a8024632a0855b814
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f89bc9410c120f0d1a7f7fdb051799d9cf934545274442fd2f32dd7ec21c7bf2
f967365a2897b82414b800af0b6aeece9e965025c5a71784308ee7dfe32214eb
fae447a5d17a18f722a82ed5bb897ef1b03b86b343284df2b163df49aa171140
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fbe5b18cc265b48f99162c9eef709b443deef937b546d81666812d9215cdad57
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fccf89e81758062302f831090978d5a9617276eba4655e7d55e8304d09a7790e
fdae7aa3d6cc6b55e2d58c02b2656789a7b8d4b63f33d847209142c68f3089b1
fdbff22433fc544b6b59137c52403166a36b718bb79d4ceefdf541b1cba95b19
feb017b733b79119e3e7cd79f4bba02ee5eed276736eeb7ef37bf77af899e8c0