vnexpress.net Open in urlscan Pro
111.65.250.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.vnexpress.net/
Effective URL:
https://vnexpress.net/
Submission: On June 04 via api (June 4th 2021, 6:14:12 am UTC) from AU

Summary HTTP 774 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 110 IPs in 15 countries across 78 domains to perform 774 HTTP transactions. The main IP is 111.65.250.2, located in Viet Nam and belongs to FPTONLINE-AS-VN FPT Online JSC, VN. The main domain is vnexpress.net.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 21st 2021. Valid for: a year.

This is the only time vnexpress.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	111.65.250.2 111.65.250.2	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	111.65.249.130 111.65.249.130	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
47	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
32	111.65.251.2 111.65.251.2	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	180.148.129.21 180.148.129.21	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
4	2a00:1450:400... 2a00:1450:4001:803::2010	15169 (GOOGLE) (GOOGLE)
7	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
10	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
13	1.55.119.34 1.55.119.34	18403 (FPT-AS-AP...) (FPT-AS-AP The Corporation for Financing & Promoting Technology)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	111.65.249.226 111.65.249.226	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	180.148.141.233 180.148.141.233	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	180.148.132.197 180.148.132.197	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	23.21.224.49 23.21.224.49	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2.16.186.113 2.16.186.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:9... 2600:1901:0:98f7::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:1... 2600:1901:0:14e5::	15169 (GOOGLE) (GOOGLE)
1	111.65.249.225 111.65.249.225	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2606:4700:e6:... 2606:4700:e6::ac40:c319	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 73	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 7	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	180.148.132.75 180.148.132.75	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	111.65.249.131 111.65.249.131	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
3	111.65.248.197 111.65.248.197	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3030::ac43:a1fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
59	54.91.110.216 54.91.110.216	14618 (AMAZON-AES) (AMAZON-AES)
37	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	35.171.145.49 35.171.145.49	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.28.33.202 52.28.33.202	16509 (AMAZON-02) (AMAZON-02)
2	52.1.101.77 52.1.101.77	14618 (AMAZON-AES) (AMAZON-AES)
4 5	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
1	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
6	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	13.58.174.102 13.58.174.102	16509 (AMAZON-02) (AMAZON-02)
16	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
26	18.193.42.157 18.193.42.157	16509 (AMAZON-02) (AMAZON-02)
1	125.212.217.46 125.212.217.46	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
58	52.29.156.139 52.29.156.139	16509 (AMAZON-02) (AMAZON-02)
3 3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.48.131.173 52.48.131.173	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
52	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5 18	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
24	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
5	52.57.141.238 52.57.141.238	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
4 7	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
5 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
11 12	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3 3	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.166 213.155.156.166	1299 (TELIANET ...) (TELIANET Telia Carrier)
21	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	52.49.40.147 52.49.40.147	16509 (AMAZON-02) (AMAZON-02)
1 1	162.55.6.210 162.55.6.210	24940 (HETZNER-AS) (HETZNER-AS)
3	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
2 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	52.58.102.227 52.58.102.227	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1 1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 3	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1	111.65.248.227 111.65.248.227	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
2	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1 1	94.23.73.243 94.23.73.243	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.251.241.204 72.251.241.204	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	52.18.52.16 52.18.52.16	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:303... 2606:4700:3037::6815:18da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 1	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
774	110

8 111.65.250.2 (Viet Nam) 1 redirects

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

www.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 111.65.249.130 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

s.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 111.65.251.2 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
PTR: mx1.gatemail.vn

s1.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.129.21 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

logperf.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

vcdn1-suckhoe.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scdn.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-kinhdoanh.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-giaitri.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

vcdn1-vnexpress.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1cdn.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 1.55.119.34 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)

octopus-stream01-cads.fpt.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 111.65.249.226 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

adp.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.141.233 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

la.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.132.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

la2.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.224.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-224-49.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:98f7:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.hbplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:14e5:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.249.225 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

g.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e6::ac40:c319 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 37.252.172.36 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:b19 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-ads.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.132.75 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

gw.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.249.131 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

static.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 111.65.248.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

usi-saas.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9a764399024fdc78cc2fffc302774acb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ae13331e079e874449f5596ea7cebb9a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:a1fd (United States)

ASN13335 (CLOUDFLARENET, US)

solution.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bd.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 54.91.110.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-110-216.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.171.145.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-145-49.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.33.202 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.101.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-101-77.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.197.47.23 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.174.102 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-174-102.us-east-2.compute.amazonaws.com

rtb.gamoshi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 18.193.42.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.212.217.46 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

dmp.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 52.29.156.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.131.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.6.242 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.141.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 5 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.66 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.58 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.40.147 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.210 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.210.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.63 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.102.227 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.248.227 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

core.polyad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.73.243 (Lisbon, Portugal) 1 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Hjørring, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.52.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:18da (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.rtbsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.236 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	adnxs.com 7 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	135 KB
70	aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	404 KB
66	rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	53 KB
64	googlesyndication.com pagead2.googlesyndication.com fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com tpc.googlesyndication.com 9a764399024fdc78cc2fffc302774acb.safeframe.googlesyndication.com ae13331e079e874449f5596ea7cebb9a.safeframe.googlesyndication.com	588 KB
64	doubleclick.net securepubads.g.doubleclick.net Failed stats.g.doubleclick.net googleads.g.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net	445 KB
58	googleapis.com storage.googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	8 MB
55	vnecdn.net s1.vnecdn.net Failed vcdn1-suckhoe.vnecdn.net vcdn1-vnexpress.vnecdn.net s1cdn.vnecdn.net adp.vnecdn.net la.vnecdn.net la2.vnecdn.net vcdn1-kinhdoanh.vnecdn.net vcdn1-giaitri.vnecdn.net s.vnecdn.net	1 MB
38	google.com 1 redirects www.google.com analytics.google.com adservice.google.com	6 KB
35	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com aud.pubmatic.com simage4.pubmatic.com	69 KB
31	advertising.com 4 redirects pixel.advertising.com ads.adaptv.advertising.com	8 KB
26	2mdn.net s0.2mdn.net	426 KB
26	spotxchange.com 1 redirects sync.search.spotxchange.com search.spotxchange.com	24 KB
19	adform.net 6 redirects adx.adform.net c1.adform.net cm.adform.net	9 KB
17	unrulymedia.com 1 redirects tag.targeting.unrulymedia.com sync.targeting.unrulymedia.com	6 KB
13	fpt.vn octopus-stream01-cads.fpt.vn	133 KB
13	vnexpress.net 1 redirects www.vnexpress.net vnexpress.net logperf.vnexpress.net Failed gw.vnexpress.net usi-saas.vnexpress.net	155 KB
10	googletagservices.com www.googletagservices.com	309 KB
9	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	254 KB
8	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	7 KB
8	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	111 KB
8	eclick.vn s.eclick.vn Failed scdn.eclick.vn g.eclick.vn static.eclick.vn	283 KB
7	adpone.com 1 redirects rtb.adpone.com eu-ads.adpone.com ads.adpone.com	5 KB
7	openx.net ureka-d.openx.net Failed u.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	2 KB
7	adxpremium.services rtb.adxpremium.services user-sync.adxpremium.services	8 KB
6	adsrvr.org 5 redirects match.adsrvr.org	3 KB
6	google.de www.google.de adservice.google.de	642 B
5	ampproject.org cdn.ampproject.org	100 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	2 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	urekamedia.com solution.urekamedia.com bd.urekamedia.com dmp.urekamedia.com	30 KB
4	google-analytics.com www.google-analytics.com Failed	57 KB
4	googletagmanager.com www.googletagmanager.com Failed	182 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	exelator.com 2 redirects loada.exelator.com loadm.exelator.com	2 KB
3	bidr.io 2 redirects match.prod.bidr.io	2 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	1rx.io 2 redirects sync.1rx.io	1 KB
3	criteo.com 1 redirects bidder.criteo.com gum.criteo.com dis.criteo.com	2 KB
2	e-planning.net 1 redirects ads.us.e-planning.net	471 B
2	rtbsrv.com 2 redirects dmp.rtbsrv.com	1 KB
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	1 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	558 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	connectad.io cdn.connectad.io sync-eu.connectad.io	970 B
2	avct.cloud 2 redirects ads.avct.cloud	894 B
2	onaudience.com 1 redirects pixel.onaudience.com	733 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	quantserve.com 2 redirects pixel.quantserve.com	941 B
2	moatads.com z.moatads.com px.moatads.com	44 KB
2	sonobi.com sync.go.sonobi.com	895 B
2	360yield.com 2 redirects ad.360yield.com	722 B
2	criteo.net static.criteo.net	53 KB
2	yandex.ru 1 redirects mc.yandex.ru	69 KB
1	gumgum.com 1 redirects rtb.gumgum.com	337 B
1	playground.xyz 1 redirects ads.playground.xyz	484 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	zeotap.com mwzeom.zeotap.com	490 B
1	contextweb.com 1 redirects bh.contextweb.com	462 B
1	adgrx.com cm.adgrx.com	408 B
1	ad4m.at ad4m.at	900 B
1	erne.co 1 redirects green.erne.co	328 B
1	polyad.net core.polyad.net	508 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	turn.com 1 redirects ad.turn.com	518 B
1	loopme.me 1 redirects csync.loopme.me	212 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	gamoshi.io rtb.gamoshi.io	321 B
1	onetag-sys.com onetag-sys.com	818 B
1	technoratimedia.com sync.technoratimedia.com
1	creativecdn.com prebid-asia.creativecdn.com	175 B
1	fuseplatform.net cdn.fuseplatform.net	78 KB
1	hbplatform.com cdn.hbplatform.com	16 KB
1	sascdn.com ced.sascdn.com	12 KB
1	ipify.org api.ipify.org	229 B
0	simpli.fi Failed um.simpli.fi Failed
774	78

	Domain	Requested by
73	ib.adnxs.com	4 redirects s.eclick.vn player.aniview.com acdn.adnxs.com
59	track1.aniview.com	vnexpress.net player.aniview.com
58	prebid-server.rubiconproject.com	player.aniview.com
52	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
42	pagead2.googlesyndication.com	securepubads.g.doubleclick.net vnexpress.net tpc.googlesyndication.com srcdoc www.googletagservices.com
31	s1.vnecdn.net	vnexpress.net s1.vnecdn.net
29	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
26	pubads.g.doubleclick.net	imasdk.googleapis.com
26	s0.2mdn.net	imasdk.googleapis.com
26	ads.adaptv.advertising.com	player.aniview.com cdn-ssl.vidible.tv
24	search.spotxchange.com	player.aniview.com
21	securepubads.g.doubleclick.net	vnexpress.net www.googletagservices.com securepubads.g.doubleclick.net bd.urekamedia.com
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net vnexpress.net fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com
16	tag.targeting.unrulymedia.com	player.aniview.com
14	simage2.pubmatic.com	ads.pubmatic.com
13	octopus-stream01-cads.fpt.vn	vnexpress.net octopus-stream01-cads.fpt.vn
12	cm.g.doubleclick.net	11 redirects u.openx.net
12	adx.adform.net	player.aniview.com
10	www.googletagservices.com	vnexpress.net securepubads.g.doubleclick.net fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
8	vcdn1-vnexpress.vnecdn.net	vnexpress.net
7	image2.pubmatic.com	ads.pubmatic.com
7	ups.analytics.yahoo.com	4 redirects vnexpress.net
7	www.google.com	1 redirects vnexpress.net securepubads.g.doubleclick.net tpc.googlesyndication.com
7	vnexpress.net	vnexpress.net s1.vnecdn.net
6	c1.adform.net	5 redirects ads.pubmatic.com
6	match.adsrvr.org	5 redirects u.openx.net
6	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com user-sync.adxpremium.services
6	ads.pubmatic.com	player.aniview.com ads.pubmatic.com s.eclick.vn user-sync.adxpremium.services
6	player.aniview.com	solution.urekamedia.com player.aniview.com
5	trk.vidible.tv	vnexpress.net
5	pixel.advertising.com	4 redirects player.aniview.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	rtb.adpone.com	s.eclick.vn
5	rtb.adxpremium.services	s.eclick.vn s.adtelligent.com ads.pubmatic.com
5	mc.yandex.com	2 redirects vnexpress.net
5	adp.vnecdn.net	s1cdn.vnecdn.net s.eclick.vn
5	s.eclick.vn	vnexpress.net s1cdn.vnecdn.net
4	sync-tm.everesttech.net	4 redirects
4	acdn.adnxs.com	player.aniview.com s.eclick.vn
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	vcdn1-suckhoe.vnecdn.net	vnexpress.net
4	storage.googleapis.com	vnexpress.net storage.googleapis.com
4	www.google-analytics.com	vnexpress.net www.google-analytics.com
4	www.googletagmanager.com	vnexpress.net www.googletagmanager.com
3	sync.adtelligent.com	1 redirects s.adtelligent.com
3	x.bidswitch.net	3 redirects
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	sync.mathtag.com	3 redirects
3	image6.pubmatic.com	ads.pubmatic.com
3	secure.adnxs.com	3 redirects
3	sync.1rx.io	2 redirects player.aniview.com
3	go1.aniview.com	player.aniview.com
3	encrypted-tbn3.gstatic.com	fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net
3	usi-saas.vnexpress.net	s1.vnecdn.net
3	www.google.de	vnexpress.net
2	ads.us.e-planning.net	1 redirects user-sync.adxpremium.services
2	dmp.rtbsrv.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	ads.avct.cloud	2 redirects
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	us-u.openx.net	u.openx.net
2	pixel.quantserve.com	2 redirects
2	eu-u.openx.net	u.openx.net
2	user-sync.adxpremium.services	s.eclick.vn user-sync.adxpremium.services
2	u.openx.net	1 redirects s.eclick.vn
2	token.rubiconproject.com	eus.rubiconproject.com
2	cdn-ssl.vidible.tv	acds.prod.vidible.tv player.aniview.com
2	sync.go.sonobi.com	player.aniview.com
2	sync.aniview.com	player.aniview.com
2	ad.360yield.com	2 redirects
2	encrypted-tbn0.gstatic.com	fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
2	static.criteo.net	s.eclick.vn static.criteo.net
2	solution.urekamedia.com	vnexpress.net
2	fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	1 redirects vnexpress.net
2	analytics.google.com	www.googletagmanager.com
2	mc.yandex.ru	1 redirects vnexpress.net
2	s1cdn.vnecdn.net	vnexpress.net s1.vnecdn.net
1	cm.adform.net	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	rtb.gumgum.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	loadm.exelator.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	bh.contextweb.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	green.erne.co	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	cdn.connectad.io	user-sync.adxpremium.services
1	core.polyad.net	s.vnecdn.net
1	rtb.openx.net	1 redirects
1	s.adtelligent.com	user-sync.adxpremium.services
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	1 redirects
1	ads.adpone.com	s.eclick.vn
1	eu-ads.adpone.com	1 redirects
1	s.vnecdn.net	www.googletagmanager.com
1	gum.criteo.com	static.criteo.net
1	px.moatads.com	vnexpress.net
1	z.moatads.com	cdn-ssl.vidible.tv
1	acds.prod.vidible.tv	player.aniview.com
1	dmp.urekamedia.com	vnexpress.net
1	rtb.gamoshi.io	player.aniview.com
1	onetag-sys.com	player.aniview.com
1	sync.technoratimedia.com	player.aniview.com
1	ae13331e079e874449f5596ea7cebb9a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bd.urekamedia.com	player.aniview.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn1.gstatic.com	fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
1	www.gstatic.com	fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
1	fonts.googleapis.com	fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	vnexpress.net
1	vcdn1-giaitri.vnecdn.net	vnexpress.net
1	vcdn1-kinhdoanh.vnecdn.net	vnexpress.net
1	9a764399024fdc78cc2fffc302774acb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.eclick.vn	vnexpress.net
1	gw.vnexpress.net	s1.vnecdn.net
1	prebid-asia.creativecdn.com	s.eclick.vn
1	hbopenbid.pubmatic.com	s.eclick.vn
1	bidder.criteo.com	s.eclick.vn
1	g.eclick.vn	scdn.eclick.vn
1	cdn.fuseplatform.net	cdn.hbplatform.com
1	scdn.eclick.vn	s.eclick.vn
1	cdn.hbplatform.com	vnexpress.net
1	ced.sascdn.com	storage.googleapis.com
1	ajax.googleapis.com	storage.googleapis.com
1	api.ipify.org	storage.googleapis.com
1	la2.vnecdn.net	vnexpress.net
1	la.vnecdn.net	s1cdn.vnecdn.net
1	logperf.vnexpress.net	vnexpress.net
1	www.vnexpress.net	1 redirects
0	um.simpli.fi Failed	ads.pubmatic.com
0	ureka-d.openx.net Failed	s.eclick.vn
774	152

This site contains links to these domains. Also see Links.

Domain
e.vnexpress.net
video.vnexpress.net
startup.vnexpress.net
vhome.vnexpress.net
vm.vnexpress.net
vrace.vnexpress.net
diemthi.vnexpress.net
kidlab.vnexpress.net
raovat.vnexpress.net
shop.vnexpress.net
pay.vnexpress.net
vlight.vnexpress.net
eclick.vn
ai4vn.vnexpress.net
www.facebook.com
twitter.com
www.youtube.com
appgallery5.huawei.com
click.google-analytics.com
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
*.vnexpress.net GlobalSign GCC R3 DV TLS CA 2020	`2021-01-21` - `2022-02-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.eclick.vn GlobalSign GCC R3 DV TLS CA 2020	`2021-01-21` - `2022-02-22`	a year	crt.sh
*.vnecdn.net Sectigo RSA Domain Validation Secure Server CA	`2019-12-09` - `2022-03-08`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.fpt.vn DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-05-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
*.cdn.fuseplatform.net R3	`2021-05-30` - `2021-08-28`	3 months	crt.sh
cdn.fuseplatform.net GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-07` - `2021-07-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
rtb.gamoshi.io R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
dmp.urekamedia.com R3	`2021-05-08` - `2021-08-06`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-01-26` - `2021-07-20`	6 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-05-17` - `2021-11-10`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-08-03`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-04-07` - `2021-07-06`	3 months	crt.sh
sync.adtelligent.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.polyad.net Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-02-22`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh

This page contains 140 frames:

Primary Page: https://vnexpress.net/
Frame ID: F3628B10C45E7022C2224B3AAA8B962B
Requests: 435 HTTP requests in this frame

Frame: https://g.eclick.vn/delivery/eclookup.html?fosp_aid=cji599zdy7vhcdc8.1622787229.des&orig_aid=cji599zdy7vhcdc8.1622787229.des&myvne_user_id=0
Frame ID: E592122DA7F7678AC6E51A0E6A93AA2C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs9-62If5XgzWQhaWtpzHgnTVpBmp2SQyfvZN-EXhBN2E2BfyjR161LrFZpcv71WOA1GXYXnWe5jyXKFyOatUaQdGFbZmisSk3iZhzDCV38BMGwDfdlcS5OSGe--BSz1eEWO3kMpgSI67nAVAvwBu3LwiYp_yXdi8yUYgT-o5NgfeWgm9YIDUgEo5kfLbFyOcQQ1IK9GasndTjYJyGiza6-NTg56OjBcUIxT98m2oR6_CU6wEwxOE4WljmUDH7Yo5CLS5r9Ij0-0qUU04jV2sk9AA-6e8u1VwH2PW8DkCe61mkJQqU7bgBqADQv8WCS2PL3Owp07FUL8C7Obc5&sai=AMfl-YTYamLIvgSAKE8oUlLdre_6v6hCvwv-751Xg76oDWkgaorBMRplm313B1HNQaIC-OXoN56coCY_mwdp7mlCZmqDA7pghvckqcEm91UaqPxxQhCZOz0_CKSMHnAh7pRa&sig=Cg0ArKJSzHHpKzEst5FzEAE&urlfix=1&adurl=
Frame ID: 6DBB78B84EFAA72E55DD1A3E1D734930
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzJ-ieZCQWXCiSb9pL-6vsRqu1A8MEWo5gxgSq0hePWk2AIg2Jd0EmlB-St5LGcE-vonMA5Fq7VND9G-F9A2xU7IlB9nJsN8Ven1TzO9CDHFseii4O2ey3q1oDy5S3IZjG1xPKUsKvCmm5xSK0EfDZcRFu-MnYoGvyMKJcxeEZtf8Ytxj6StAYo80vVc1Zo3YdExBRdslZTufG2AX_5nZ7LjG-jN6t6xq9DDtOyHF50JrvPXIUICUMZhu1u7h90Mzo7w110r2lEiZr00I_AJDuA3RtRMUaEHXAi73_V87IKAhZAosBugegMQHWp_Tyygc&sai=AMfl-YQ0pl5btv_AwpfUAoldUdZEbvwcy9AfQvOKJU0gzQaQTjH8CQ3_XUpJTIJQg4KDObXPB28l2gCTvGKjpU6ldQJweFdilWzFZKG5svM731SPZ1dKAxG2vIJLylaCBkI&sig=Cg0ArKJSzG9MPOu8OABOEAE&adurl=
Frame ID: 84C170A8A7F974388DBA226ED4825E30
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso4HhnQe1wmU4iWfiqsG5D67STP2eXLQd5OI7IF9ZGFNWeisn73nDCc9GpBKhDfKq9MxsX-jX6qsfH_hJ3TqDilIyGsu-rCIujX2S7rEHb5A_ThrHLiUsd-QcD4mMwVuujxKm2XAJy5YFuWA_9WsIWDlCq6l31plGzeXrLZquaM8tYHADpgu1AoU5Xum2VzM-GfWawwpHEGRk2P1lTN8cXHsLUC9hY2QOe80ZNctNKqcpZyZ9BWCnJV8AI_zGk7WoKCkxQd3jzGbXllnEFzODJIlTbKCDXl_UgPHFdWcM623jWy0qaG8gP8UUQBGxZ2w1-Ia0RleUHMSRBn23m_QOBVXqW&sig=Cg0ArKJSzJe1R61vaA6OEAE&urlfix=1&adurl=
Frame ID: 7279804EC4D1471646B13BB1B2185D89
Requests: 4 HTTP requests in this frame

Frame: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ACD426C7352E2EDF7B46200EB85B6378
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Frame ID: D76A9A09EC7C8FFC2265A19CED4B666F
Requests: 16 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Frame ID: 5FAD1D3C9F3C90E250DB252ADF26E7FB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 64B568D174E367D53B275AFC570148B1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 783B60375A0239D6CAF8B507F3766958
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 647BBFAB55FC50D04D22846871FC297F
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrRb2WH7Fc5G1znu65bypttLDEjMfSGLKPLAryWlNbplKABKS6iUFpKc0p9OUJdrPiFD1QlvkulyunBDaQ-mO3q1i04gyGZohh0JkOmoDjLg15vWG5M4dkicO4OJ6N7cXimRxUy4geMCB7IPixR2DDDZScM6CVdwH-YaaWdH1o_f07ms8EG86en7N3xcGWO9AiibP_fiaMzmWjIpXREnwrIZUMAzs7zrTkwwe7XmfhRT1yhFg3ZMEhXZj8bDU2H19SSNWsy5qNPtWHDhG36DCHkOYHoPKyIOoO-JL8u1q3SenK27W284fS18O3UB2Im1zY8kCk_zDJInTspg&sig=Cg0ArKJSzEyjuZePygqvEAE&urlfix=1&adurl=
Frame ID: A79A18728E1E4C8B98243375D63E425D
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Frame ID: A08590495B9DBDAEBD36EA4DD323B156
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=22&key=a13f939c-6e81-4d61-9056-0b6dad7ebd93
Frame ID: 00627371D535860FAB600F287898A8F2
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 9C5801F8D07A0CA079AFB923EF9D977F
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1622787232412-992337078722-007368-009-000140&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 9045BC6CBB0C631D6E03CA67C6E9564B
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: FBB3C77735837AE247F163AE48218D15
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: BAC04C67F8F1CF58F1E91241D9B3F799
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 2FBBC556827E2F98D05B3BF6F045A357
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D1%26key%3D
Frame ID: 942376FDC473B2A5769FD58CB570319C
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D200%26key%3D%5BRX_UUID%5D
Frame ID: B26372EAB119E065FCD5E157157D4942
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Frame ID: 02F4CA19966D2CF93A732A4FDED5DD09
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8E598BD5F2B9329A51662945DEE459B7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D526C16EDF887CE1EB3EE35E07698C86
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A8FACF830F7D7B22283990252DBFF3CE
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=55&key=5745970665548912630
Frame ID: F229B62CDE64030D041A6F70C1CF12B2
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=6522e6bb-3076-4a0a-8587-7299ce90a5a8&pblob=
Frame ID: 4AEB3ED5FFA70CB024CE0A1B9B87F0BD
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 9AFF7E506708DDE9A53D0E30490A9D38
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A8B973DA2750746358EF316C4B91602D
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 2316A9E35C24EFD8A0504F9966761A82
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: BAF0D84D47F1EA317FC71456405DB845
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5793692E6F2BC3712E9E28D740737EB2
Requests: 1 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: DA6EA841ADCF0D00BEEC901319341183
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0328B12CAB709C78C534847FED86B3EC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E2ED10B05577C8A00E56CEFE4268D4B5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 17310725FC008F364EE3E5C001CC76DB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 825BED3ACD8AD79E3A7563C73B3823B2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: CF0A2E7DFB3D4FDC5BD46F852AB60973
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6AEE3083A62350FEEA2C7DE2315DDB2C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CE6203FDEA2D31D636137F14A7450379
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D56A387688713E6213C0CE7450E5B67E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AF6BE0FDC32199C0616469146DCC7171
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 38AD866F85985C0516C563F76E909569
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 89A465EEE6013A69C2B369F779CF5A40
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7E4637FB1D3A6F23C088616015576DEE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E9FEB4965476DF8A516A29780B502785
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B72B1DD1800F2A9FB0B893991BA76112
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 625D19B8FE6795D7CFD040C6A6AAAB37
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5003DF0566911A91D74F4E928664A869
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 4D769A23AB170392ACD3E42C79804181
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8E840219493D4F00BD8FD6AC1FF28ABF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net
Frame ID: 3D6C21CFDD7996DDB0D6BB80E57C10C9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DCC8FFF27FB666C5C08A161FE9A69DEC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17AE55E8F37C2C0E0AC5AEC45B52ED7F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 0694DAE2CF85EB4F477775FE448F1CE1
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1B7623497581F5B35F04BDD596FFB1F2
Requests: 3 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: 2F906EBBB1990593707A18D9E0FE8F81
Requests: 4 HTTP requests in this frame

Frame: https://ads.adpone.com/index.html
Frame ID: F75560B139E4D45CC6C95BD7E6A75F35
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2338BB270925CC8E0947A7D5B8FB8BB9
Requests: 21 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=78FB9484-B111-4990-8D9D-2105A54BB762
Frame ID: 429B9A5DE2B2326B66784F2F6ED4A288
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5093725860197012021
Frame ID: CA6C8BD4B686FC29F8B514EEA364CE03
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 431BCFA161D2A16BE9D9319DB3FBB034
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969818098401867916
Frame ID: 04EB5E63ABB2363EFFB6162068CFB2C2
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 406D68673585838BCAA09A4EEAF4693F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 20798A189C6A6883E51EB5270F4E04E1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 84B9EC530ABEAD52F085027CB03D99BA
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3A1BBC53843AA027BA66D5010B94EF42
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: D4B5F3B78255ADF6DA4644C39071C641
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 22FD63C986366D60B0121065EDB86943
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D9226D32345FF1B23639811B6ABA9869
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8A0B0CAB3518D7882FB57F5F347780B4
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: 7BFFCB8C999698A08DCD514D45F9E4BB
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E4B8BDFD1A3045C931971339241E5685
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A8FD6A75E1B98F81788E480CE04C9505
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 5AD1C60D4CE50AA5B6FA4DFDCAD16950
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 47C3C90E1EE8E968EBD1C3D0BB6D6590
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 884D41FE02940703DCDEE1A2179C9E7B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 64CABCC32710653E148E0B8C7009516D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A8E3436B1526C47B2431120D1BD88DC9
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: DDE634D14C90F7574CA6154AE07AC06E
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: CDAA23A1FFB9336E13D70426647C127B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 1DB184357DE76ADBA85B438AF6145508
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 7FEEF92E2022638040D2EC8679A5D688
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6793EF84F82112C3CB7CEC161CD87F86
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 63960AE8DEC652FACA9898964EFFCE32
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 1BDC6868C51B294569528A8303804986
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 793AE80C49B2FEB4C9A0076CC54984CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 18688A11F5A90B442F954A845D304C39
Requests: 9 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003
Frame ID: 864B4838E787C151A4B53AAA2068BDB5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j4HhmjXVYB9IeWyJEqNyW6z1
Frame ID: 7A9C3E227D6D9865938580C0CC748A44
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 4AB3D5A9125E24776A488E702726DDFB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D1561AADF7030DBF661B7CAACC21BD8B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EED5A38CA99CDA690566097CCF00E911
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QuBqvr4klGLM&pid=557219
Frame ID: 99471CB2E2526C0F7B8AE406EA047476
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a574f6b-0906-4dd2-b4f8-b4eb40da7ad1-tuct7b34a23&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: D96B18EBB1A1F24173C6F9C4C7417A1E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=78FB9484-B111-4990-8D9D-2105A54BB762
Frame ID: 3F980AF2947CE86A75C3925342BE9A60
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3E7AE0B1A4EC126C10ED6D39C58EFC1C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3D4B4E3C2EB64F4E533101CD22E323BF
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: D62FCB0175686BFF1C47385484460B02
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: F41C62566FE785C6D70043AA46A51E24
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A868662EAE71CCC2BFB7D1CFFC03E054
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A74447556FB85918C543C21257C83711
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: 405D88F220435538EAEA3C6630B5CE6C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 9012F5781A44AB573A7C5D0DD39081C5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 17C2786292B4477090C54E6ED408F68E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7324FAE16EB26301CBBBDBE1FA57C834
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 1F7D5731B26DE117225A77555E5790A9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 927778F35DC0597EFAC2CE47CE7DD101
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3B579C109CA87D68B6A152C80362BE79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B113C8E01039FBC53A99A9F9B3C7CA83
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D94F8F1FCAC49A2B8C6D63C33857F82A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8A1D579A20B06EDDBD6B747ED9817C44
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 01102CA0F8102D6634D590AE2F0283E3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: EE034FE4CAA44F79468AF12FCCD1C656
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DF1F436083CEEADE12EF5FF4032B5B34
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 285206AC7C2C15101811C8FB0AD5A880
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 1DAB75F148A4BDBC6F20586D8DDD9DCD
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6768B7CD07D543010466C43817F65D82
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: D7C414105C770AA646F07FE9413B459D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 5ECA9CF64D676E6DB8698E99E46D8893
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1693D6C15F720FCAEC1E0D9438FF410E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0FBE88E503FE70B906D492B3CAC3C708
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7182C747924C44D54D6D41F1807C9CF7
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 58C00537DD7A71F2F5BEF456956C046F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 190EA3D048627226B13038F0D935445F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 80B8C92E8D75CE25085041B03D493265
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8E7EA326296851A41A69CBBCB69B7488
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 29939C56BF3988E72808233C4EA7B470
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8E146424874B1006CCB497161D4FEB5D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C2DBEBB5EACAC371ABCB3E8BFB9D4D00
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 1656CE8A763D1276ABC9AF28D48B96D5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: EC25B292752AE017D616F389ED42167D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9BC820877A79DE3880C4AC297706426E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 97937D456E18CC1503D5C63A5788CE67
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 43D5C2FFF1E9F94B6A1FC4207FECB936
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 014752DC8DE168CA5543F8FE7C9C085D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 139B847C5077ECF9E550577D0D7ED717
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 2CDC75DE158025C0B13CB0A36724AAED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 42EC587E2A9E8BB222FACCEEAF74C1F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 748305D6F5DD633809AC142ACF659015
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.vnexpress.net/ HTTP 301
https://vnexpress.net/ Page URL
https://vnexpress.net/ Page URL

Page Statistics

774
Requests

98 %
HTTPS

40 %
IPv6

78
Domains

152
Subdomains

110
IPs

15
Countries

13324 kB
Transfer

36779 kB
Size

0
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://e.vnexpress.net/
Title: International

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/
Title: Video

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/thoi-su
Title: Thời sự

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/nhip-song
Title: Nhịp sống

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/sports-life
Title: Sports Life

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/food
Title: Food

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/cuoc-song-4-0
Title: Cuộc sống 4.0

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/toi-ke
Title: Tôi kể

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/chuyen-nui-rung
Title: Chuyện núi rừng

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/toa-dam-kinh-te
Title: Tọa đàm kinh tế

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/giai-tri
Title: Giải trí

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/du-lich
Title: Du lịch

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/the-gioi
Title: Thế giới

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/phap-luat
Title: Pháp luật

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/kinh-doanh
Title: Kinh doanh

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/khoa-hoc
Title: Khoa học

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/giao-duc
Title: Giáo dục

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/suc-khoe
Title: Sức khỏe

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/kid-lab
Title: Kid-lab

Search URL Search Domain Scan URL

URL: https://startup.vnexpress.net/
Title: Startup

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/?utm_source=VnExpress_Desktop&utm_medium=KinhDoanh_Menu&utm_campaign=DropMenu_Startup
Title: Vhome

Search URL Search Domain Scan URL

URL: https://vm.vnexpress.net/
Title: VM 2021

Search URL Search Domain Scan URL

URL: https://vrace.vnexpress.net/
Title: V-Race

Search URL Search Domain Scan URL

URL: https://diemthi.vnexpress.net/
Title: Điểm thi

Search URL Search Domain Scan URL

URL: https://diemthi.vnexpress.net/diem-chuan-tuyen-sinh-dai-hoc
Title: Tra cứu đại học

Search URL Search Domain Scan URL

URL: https://kidlab.vnexpress.net/
Title: Kid-lab

Search URL Search Domain Scan URL

URL: https://raovat.vnexpress.net/o-to-xe
Title: Mua bán

Search URL Search Domain Scan URL

URL: https://raovat.vnexpress.net/?utm_campaign=VNEXPRESS&utm_source=footer&utm_medium=menu
Title: Rao vặt

Search URL Search Domain Scan URL

URL: https://shop.vnexpress.net/?utm_campaign=VNEXPRESS&utm_source=footer&utm_medium=menu
Title: Shop VnExpress

Search URL Search Domain Scan URL

URL: https://pay.vnexpress.net/
Title: Pay VnExpress

Search URL Search Domain Scan URL

URL: https://vlight.vnexpress.net/
Title: Mua ảnh VnExpress

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/?utm_source=VnExpress_Desktop&utm_medium=Footer_Menu&utm_campaign=Menu_Home_AllFolder
Title: Vhome

Search URL Search Domain Scan URL

URL: https://eclick.vn/lien-he/?utm_source=VNE&utm_medium=CPC_BOX&utm_campaign=LienHeQuangCao
Title: Quảng cáo

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/tin-tuc/thoi-su/khac-nhau-cua-bon-loai-vaccine-covid-19-ve-viet-nam-4288755.html
Title: Khác nhau của bốn loại vaccine Covid-19 về Việt Nam

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/tin-tuc/thoi-su/khac-nhau-cua-bon-loai-vaccine-covid-19-ve-viet-nam-4288755.html#box_comment_vne
Title: 30

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/?utm_source=VnExpress_Desktop&utm_medium=Home_Menu&utm_campaign=HaVien_KinhDoanh
Title: Vhome

Search URL Search Domain Scan URL

URL: https://ai4vn.vnexpress.net/
Title: AI4VN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/congdongvnexpress/

Search URL Search Domain Scan URL

URL: https://twitter.com/VnEnews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVRqZH5QnrnbMWhElPBD-MQ?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101519049

Search URL Search Domain Scan URL

URL: https://click.google-analytics.com/redirect?tid=UA-41193011-3&url=https%3A%2F%2Fitunes.apple.com%2Fvn%2Fapp%2Fvnexpress-net%2Fid488630446%3Fl%3Dvi%26mt%3D8&aid=net.vnexpress.iphone&idfa={idfa}&cs=google&cm=cpc&anid=admob&hash=md5

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fr.playsoft.vnexpress&referrer=utm_source%3Dgoogle%26utm_medium%3Dbanner%26anid%3Dadmob

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101530095

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/vn/app/vnexpress-international/id1435726486?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fo.vnexpress.eng

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.vnexpress.net/ HTTP 301
https://vnexpress.net/ Page URL
https://vnexpress.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.vnexpress.net/ HTTP 301
https://vnexpress.net/

Request Chain 58

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9294.EaMu8WsOP51QbRZQKoB_1gNKe9jyqeCkSJHMEnbXL8k2lmp5Iz8WWkyF5xgIVlAF.F2uNT_MKsJSTMACd8pFCz6PkOzo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9294.3_5dCfJylpUxoheH782NvQHd6cZZbLvrrXJHDSrp29B_LuFL-8GvfQc2Hw0xdrYv9UcpNZbT4fslS--hE_-lAA%2C%2C.VenbMku1298wZTVZ75DnmBHmjjc%2C

Request Chain 69

https://mc.yandex.com/watch/62978707?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A463%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A1506790211772%3Ahid%3A391675299%3Az%3A120%3Ai%3A20210604081349%3Aet%3A1622787230%3Ac%3A1%3Arn%3A5956569%3Au%3A1622787230796261105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622787228822%3Ads%3A0%2C0%2C413%2C13%2C1%2C0%2C%2C82%2C1%2C%2C%2C%2C499%3Adsn%3A0%2C0%2C412%2C14%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C499%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622787230%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t HTTP 302
https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A463%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A1506790211772%3Ahid%3A391675299%3Az%3A120%3Ai%3A20210604081349%3Aet%3A1622787230%3Ac%3A1%3Arn%3A5956569%3Au%3A1622787230796261105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622787228822%3Ads%3A0%2C0%2C413%2C13%2C1%2C0%2C%2C82%2C1%2C%2C%2C%2C499%3Adsn%3A0%2C0%2C412%2C14%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C499%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622787230%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t

Request Chain 87

https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5 HTTP 302
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=07d2b414-c4fc-11eb-982b-156973b60106

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 234

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=22&key=a13f939c-6e81-4d61-9056-0b6dad7ebd93

Request Chain 260

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1622787232412-992337078722-007368-009-000140%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=55&key=5745970665548912630

Request Chain 328

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YLnEoQABT-ehuABg HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YLnEoQABT-ehuABg&_origin=0&gdpr=0&gdpr_consent=&_test=YLnEoQABT-ehuABg HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YLnEoQABT-ehuABg&_origin=0&gdpr=0&gdpr_consent=&_test=YLnEoQABT-ehuABg&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52

Request Chain 329

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=4c886008-8679-4759-b93a-23cfeaccb530&_origin=1&gdpr=1&gdpr_consent=

Request Chain 330

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAwOTgwMmU1YS1jNGZjLTExZWItOGNkYi0wMjc3MGVhYzZhNTI%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEHzoAV9keNJjYOW1WsIqrp8&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHzoAV9keNJjYOW1WsIqrp8&google_cver=1&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52

Request Chain 393

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 396

https://eu-ads.adpone.com/ HTTP 301
https://ads.adpone.com/index.html

Request Chain 399

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 412

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=92b660b9-c4a1-4800-ae91-377c5c814a08

Request Chain 413

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1auxqYCvsqLOr-Ojga_-9IWu4aXOq-uigqOg3Det

Request Chain 414

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1864747289177740627

Request Chain 416

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlhY2ZjMzQtNWNhNC0yMGY0LWY4MzUtMjQ5ZmJiY2VmMmRi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlhY2ZjMzQtNWNhNC0yMGY0LWY4MzUtMjQ5ZmJiY2VmMmRi&google_tc=

Request Chain 417

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGPaRytZ0_dg12LSogoDndI&google_cver=1

Request Chain 418

https://c1.adform.net/serving/cookie/match?party=14&cid=78FB9484-B111-4990-8D9D-2105A54BB762 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=78FB9484-B111-4990-8D9D-2105A54BB762

Request Chain 419

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5093725860197012021

Request Chain 420

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

Request Chain 421

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969818098401867916

Request Chain 422

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRlBVN0JjNGtBQURNSW5NVzBvZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 423

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 424

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ePuUhLERSZCNnSEFpUu3Yg%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ePuUhLERSZCNnSEFpUu3Yg%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 425

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d90f60b9-c4a2-4900-8806-00bb498eb164

Request Chain 426

https://pixel.onaudience.com/?partner=214&mapped=78FB9484-B111-4990-8D9D-2105A54BB762 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9f755fa5ebecbd7bc66a5720fe2dc0da

Request Chain 427

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzhGQjk0ODQtQjExMS00OTkwLThEOUQtMjEwNUE1NEJCNzYy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzhGQjk0ODQtQjExMS00OTkwLThEOUQtMjEwNUE1NEJCNzYy&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 428

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBSuauW8Fovee9nvF591cQs&google_cver=1

Request Chain 430

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1461932128129215169

Request Chain 431

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c62960b9-c4a2-4000-bb81-e938691d0713&gdpr=0&gdpr_consent=

Request Chain 432

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53975fcb-e6bd-4ffa-878d-5c11df38f871

Request Chain 433

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2304656518715799563&gdpr=0&gdpr_consent=

Request Chain 435

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=78FB9484-B111-4990-8D9D-2105A54BB762&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=78FB9484-B111-4990-8D9D-2105A54BB762&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XPugLAJE2uXjLqJegGEH30EsA87u0c0-~A&gdpr=0&gdpr_consent=

Request Chain 436

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY

Request Chain 437

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=977669bb-6604-4e62-baf6-4e4db0538725&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac580a2-9d3c-4095-8ecc-a0421c7e4387&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 438

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YLnEogABh8DaSQA4 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLnEogABh8DaSQA4&gdpr=0&gdpr_consent=&_test=YLnEogABh8DaSQA4

Request Chain 439

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8667061566952908037&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 440

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d647f870-dba9-4a4b-a303-31c20067c6e2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 461

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1c1da031-2c4c-4db9-8659-be33f077fe36

Request Chain 462

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2304656518715799563

Request Chain 463

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=e27ec9a2ad420ea2

Request Chain 518

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2301299599 HTTP 302
https://sync.1rx.io/usersync/tradedesk/53975fcb-e6bd-4ffa-878d-5c11df38f871 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003

Request Chain 519

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j4HhmjXVYB9IeWyJEqNyW6z1

Request Chain 522

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 523

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QuBqvr4klGLM&pid=557219

Request Chain 524

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a574f6b-0906-4dd2-b4f8-b4eb40da7ad1-tuct7b34a23&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 526

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=78FB9484-B111-4990-8D9D-2105A54BB762&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=78FB9484-B111-4990-8D9D-2105A54BB762&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=78FB9484-B111-4990-8D9D-2105A54BB762&addseg=19,36,42

Request Chain 527

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=78FB9484-B111-4990-8D9D-2105A54BB762&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=78FB9484-B111-4990-8D9D-2105A54BB762&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 530

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 531

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2304656518715799563

Request Chain 532

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_47eaa6d1-b8e2-4c0f-b373-54d8d91571b8

Request Chain 561

https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=SVVy1AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcIQNBA HTTP 302
https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=2304656518715799563&mpk=SVVy1AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9FcIQNBA HTTP 302
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=2304656518715799563

Request Chain 562

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID

Request Chain 566

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=1461932128129215169

774 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
vnexpress.net/
Redirect Chain

http://www.vnexpress.net/
https://vnexpress.net/

182 KB
37 KB

931ms
242ms

Document
text/html

111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

677whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: vnexpress.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:48 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: device_env=4; Expires=Fri, 04 Jun 2021 14:13:48; Domain=.vnexpress.net; Path=/
v-cache: VNE4
cache-control: max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag: W/"824c2df6b189b00eff29153749a685dd"
server: 677whgldd10bf7c7468e873e79ba2ad139
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

Date: Fri, 04 Jun 2021 06:13:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://vnexpress.net/
Server: 777whgldd10bf7c7468e873e79ba2ad139
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET eclick.js
s.eclick.vn/delivery/ 0
0

GET
H2 200 gpt.js
www.googletagservices.com/tag/js/ 62 KB
21 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 220 of 1000 / last-modified: 1622758284"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:48 GMT

GET dfpbrand.js
s.eclick.vn/delivery/dfp/ 0
0

GET prebid.js
s.eclick.vn/delivery/dfp/ 0
0

GET gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
0

GET ov_pc_vne_home_home.js
s.eclick.vn/delivery/dfp/ 0
0

GET 1000000.js
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/blocks/site/ 0
0

GET gtm.js
www.googletagmanager.com/ 0
0

GET analytics.js
www.google-analytics.com/ 0
0

GET
H2 200 Primary Request / Show response
vnexpress.net/ 182 KB
37 KB 414ms
413ms Document
text/html 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

677whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

291586dcbfa372a7d476a30b58f5233a78cb2e3146aca09d6d1d615df0eb1e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: vnexpress.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: device_env=4; sw_version=1; _efr=1622787180000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 06:13:48 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
v-cache: VNE4
cache-control: max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag: W/"824c2df6b189b00eff29153749a685dd"
server: 677whgldd10bf7c7468e873e79ba2ad139
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

GET perf
logperf.vnexpress.net/ 0
0

GET
H2 200 eclick.js Show response
s.eclick.vn/delivery/ 537 B
582 B 516ms
218ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/eclick.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_46 /
Resource Hash: 6f95aa4d0f7e2770465337f912f435d712d620a0b4458d2c0afb3f1644ca72ba

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 04:38:42 GMT
server: FPT-static_eclick_141_46
etag: W/"60a5e7d2-219"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, static_eclick_141_46,no-cache
expires: Fri, 04 Jun 2021 06:13:49 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d3b1e91595e00d961f95eee4229b527cb8790f1e5718734ea0c85ffb69471cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 309 of 1000 / last-modified: 1622758284"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21373
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:49 GMT

GET
H2 200 dfpbrand.js Show response
s.eclick.vn/delivery/dfp/ 69 KB
70 KB 1134ms
850ms Script
application/javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/dfpbrand.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_46 /
Resource Hash: 50f279761c523938ab4343556f143bb1ac4bd3874aa2c4e95b6d3b4ae5f5fab6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: FOL
date: Fri, 04 Jun 2021 06:13:49 GMT
last-modified: Thu, 03 Jun 2021 03:42:25 GMT
server: FPT-static_eclick_141_46
etag: "60b84fa1-115c9"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 71113
expires: Fri, 04 Jun 2021 07:13:49 GMT

GET
H2 200 prebid.js Show response
s.eclick.vn/delivery/dfp/ 291 KB
91 KB 714ms
430ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/prebid.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_46 /
Resource Hash: 4b9567f947e6f537c8c6858b78d5f31598d63aeb8e9013709494ce3a22fca803

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 03:58:02 GMT
server: FPT-static_eclick_141_46
etag: W/"6046f24a-48d9c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Fri, 04 Jun 2021 07:13:49 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 71ms
35ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

5d3b1e91595e00d961f95eee4229b527cb8790f1e5718734ea0c85ffb69471cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 321 of 1000 / last-modified: 1622758284"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21373
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:49 GMT

GET
H2 200 ov_pc_vne_home_home.js Show response
s.eclick.vn/delivery/dfp/ 106 KB
106 KB 1133ms
850ms Script
application/javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_46 /
Resource Hash: cd7f7ccc5bd9430069c8ab0ee21279ef536cd7a6f25f266fec86655468393280

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: FOL
date: Fri, 04 Jun 2021 06:13:49 GMT
last-modified: Fri, 28 May 2021 09:25:46 GMT
server: FPT-static_eclick_141_46
etag: "60b0b71a-1a78f"
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 108431
expires: Fri, 04 Jun 2021 07:13:49 GMT

GET
H2 200 1000000.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/blocks/site/ 155 KB
33 KB 1180ms
431ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/blocks/site/1000000.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 1406d6721214263c0df42d8a2be9ec16531dacc36403dc3054997ea856dabab7

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 04:10:43 GMT
etag: W/"60adca43-26ac9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 310 KB
52 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25d92c816baee223df1fc4f7f23b40e96e897474f0c28457d5ce7b93ba1da18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53556
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3746
date: Fri, 04 Jun 2021 05:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 04 Jun 2021 07:11:23 GMT

GET
H/1.1 200
OK perf
logperf.vnexpress.net/ 0
0 1254ms
458ms Image
text/html 180.148.129.21
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1622787180000&timecookie=1622787180000&timeclient=1622805229000&action=no_reload
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.129.21 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 avmLibrary.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/library/ 16 KB
17 KB 317ms
282ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 434762a76dfd6af3bdeeb1f2de8dad923633467deb93e7c15ac71cd87e5b99df

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding
age: 0
x-guploader-uploadid: ABg5-Uy6Jsy8RdJeeKu3AzZOPrBZZlG6QG4N0BJ1Fdyt3rm4GBSb6aGcxpUnLZ75UVLOSHu5SK5KBjtqHoOi8fz5BQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 1
x-goog-stored-content-encoding
content-disposition
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16656
x-goog-meta-
last-modified: Tue, 11 Aug 2020 07:31:10 GMT
server: UploadServer
etag: "9dfc4ebc8c94abdb09c9fb98143eff5e"
x-goog-hash: crc32c=61K1/A==, md5=nfxOvIyUq9sJyfuYFD7/Xg==
content-language
x-goog-generation: 1597131070573686
cache-control: public, max-age=60
x-goog-stored-content-length: 16656
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 04 Jun 2021 06:14:49 GMT

GET
H2 200 general-file.css
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/ 117 KB
21 KB 972ms
221ms Stylesheet
text/css 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/general-file.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: da08e3c9ffa013580c65b3b8da2f39f3f866a96408b3df35e7d343d149899847

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 04:52:12 GMT
etag: W/"60af257c-1d4d4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 vod.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/ 1 KB
779 B 1381ms
640ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/vod.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:32 GMT
etag: W/"60934550-446"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 logo.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 5 KB
5 KB 1166ms
431ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/logo.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-13b6"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5046
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 banner_tiepsuc_tamdich_home_pc.jpg
s1.vnecdn.net/vnexpress/restruct/i/v391/banner/ 73 KB
73 KB 363ms
363ms Image
image/jpeg 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/banner/banner_tiepsuc_tamdich_home_pc.jpg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 0c84cf92322d1cced22a12ae95bb96fb0758c950f9fde7476934ec5915787005

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Sat, 08 May 2021 07:41:49 GMT
etag: "609640bd-12419"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 74777
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 icon-vne.svg Show response
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/images/graphics/ 57 KB
57 KB 970ms
216ms XHR
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/images/graphics/icon-vne.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-e3ec"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 58348
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 category.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/config/ 42 KB
9 KB 567ms
566ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/config/category.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 82164fb5aefd701319705aaf466529fb2ac1a91e6219bced5c1d02b594efba75

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 08:21:53 GMT
etag: W/"60b89121-a959"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 fonts.css
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/ 971 B
521 B 1159ms
430ms Stylesheet
text/css 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: d54b99754769e4c871583c276d4fae52d6fe493fa188ac09027a9deec6c46c7c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: W/"609344f4-3cb"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 2-1622781813-3965-1622781897.jpg
vcdn1-suckhoe.vnecdn.net/2021/06/04/ 56 KB
56 KB 341ms
17ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-suckhoe.vnecdn.net/2021/06/04/2-1622781813-3965-1622781897.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=ZL6IwDKqANVQG7VcA_l-xw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 626bbb4ffad79dc1bb295cefb5cca07ab811e5c79ad9651b72c39561d237bb74

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:49 GMT
last-modified: Fri, 04 Jun 2021 04:47:46 GMT
server: keycdn-engine
link: <http://i1-suckhoe.vnecdn.net/2021/06/04/2-1622781813-3965-1622781897.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=ZL6IwDKqANVQG7VcA_l-xw>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 57066
expires: Sat, 04 Jun 2022 12:02:49 GMT

GET
H2 200 ngothiphuonglepng-1527792998.png
vcdn1-vnexpress.vnecdn.net/2018/06/01/ 17 KB
18 KB 28ms
6ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2018/06/01/ngothiphuonglepng-1527792998.png?w=100&h=100&q=100&dpr=1&fit=crop&s=9U-LZyiOsvZ4TyiBWkd_kg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 757319d72d19e7b6cb63668eae4b99a71034b21823786c4efce125f8de370b5d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:49 GMT
x-edge-location: defr
x-cache: MISS, HIT
content-length: 17597
x-shield: active
last-modified: Thu, 03 Jun 2021 12:18:53 GMT
server: keycdn-engine
x-handle: 242-19
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/png
link: <http://i1-vnexpress.vnecdn.net/2018/06/01/ngothiphuonglepng-1527792998.png?w=100&h=100&q=100&dpr=1&fit=crop&s=9U-LZyiOsvZ4TyiBWkd_kg>; rel="canonical"
expires: Sat, 04 Jun 2022 12:02:49 GMT

GET
H2 200 sinopharm-1622773956-9795-1622773961.jpg
vcdn1-suckhoe.vnecdn.net/2021/06/04/ 8 KB
9 KB 333ms
12ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-suckhoe.vnecdn.net/2021/06/04/sinopharm-1622773956-9795-1622773961.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=-nzXfjDxfa-AU4Lhbk90Ow
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ed87b0dd26c35d91acc05af619eb30a77f9580500ecc6d6cea465c5f2cd1a534

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:49 GMT
last-modified: Fri, 04 Jun 2021 02:33:15 GMT
server: keycdn-engine
link: <http://i1-suckhoe.vnecdn.net/2021/06/04/sinopharm-1622773956-9795-1622773961.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=-nzXfjDxfa-AU4Lhbk90Ow>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 8273
expires: Sat, 04 Jun 2022 12:02:49 GMT

GET
H2 200 lazyload.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/ 10 KB
4 KB 567ms
566ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/lazyload.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
etag: W/"6093454f-27d4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 home.defer.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/modules/ 35 KB
11 KB 567ms
566ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/modules/home.defer.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 6419c8923bcd1a5e445edcbc8b321f47851f1df786aae1b8a337d75d47c79702

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 04:51:15 GMT
etag: W/"60b85fc3-8c43"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H3-29 200 pubads_impl_2021060301.js Show response
securepubads.g.doubleclick.net/gpt/ 312 KB
109 KB 56ms
29ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jun 2021 08:37:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112073
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:49 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06cc3d19bf2b158e26fb13dc2d0e5459ade5762868b0d4b5ddac3cbbe2a882f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46778
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:49 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
46 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83943b7860887d42283f38d38ba313f207ec1c32b3fd45fd89d08507f17c50bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46841
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:49 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-50285069-28&cid=946823756.1622787229&jid=1586533226&gjid=1380556773&_gid=1114537071.1622787229&_u=aGDAgEABAAAAAE~&z=102735638

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Jun 2021 06:13:49 GMT
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 103 KB
38 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P5FWR6V&t=gtm9&cid=946823756.1622787229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14ec0fdecdcf147cba1354c6eccec7908d10a3b44b87c6bdbbd6267b9e5bdb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38526
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:49 GMT

GET
H2 200 ea3.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ 36 KB
14 KB 16ms
6ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2158f6295fd6de1f85e8230b955e5707d717af210d28722ba3f194e9a07f5b12

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Wed, 14 Apr 2021 07:38:01 GMT
server: keycdn-engine
etag: W/"60769bd9-8e99"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js>; rel="canonical"
expires: Sat, 04 Jun 2022 12:02:49 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 217 KB
69 KB 45ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

472c14b69dab114052924354027353019f4c1e5372c1c28be768be17b227192e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: br
last-modified: Thu, 03 Jun 2021 20:58:15 GMT
etag: "60b77459-113b0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70576
expires: Fri, 04 Jun 2021 07:13:49 GMT

GET
H/1.1 200
OK cdp.js Show response
octopus-stream01-cads.fpt.vn/ 128 KB
129 KB 885ms
222ms Script
application/javascript 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: b476050bd16f18678b3061ad5e0a1181fce5592005cd9f2e632f97bf677de83a

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:50 GMT
Last-Modified: Wed, 19 May 2021 07:24:28 GMT
Server: nginx
ETag: "60a4bd2c-20170"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 131440

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=130940412&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAB~&jid=1586533226&gjid=1380556773&cid=946823756.1622787229&tid=UA-50285069-28&_gid=1114537071.1622787229&gtm=2wg621N3FNJF&cg1=Home&cg4=Home&cd1=1000000&cd8=Home&cd17=No&cd19=Web&cd22=1&cd24=0&cd27=Home&cd37=&cd55=946823756.1622787229&z=256692596

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:46:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
118 B 29ms
28ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-50285069-28&cid=946823756.1622787229&jid=1586533226&_u=aGDAgEABAAAAAE~&z=543142376

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-50285069-28&cid=946823756.1622787229&jid=1586533226&_u=aGDAgEABAAAAAE~&z=543142376

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bad.js Show response
s.eclick.vn/ 17 B
258 B 814ms
814ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/bad.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_46 /
Resource Hash: ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: gzip
last-modified: Sun, 09 Aug 2020 14:01:42 GMT
server: FPT-static_eclick_141_46
etag: W/"5f3001c6-11"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
expires: Sat, 05 Jun 2021 06:13:49 GMT

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 110 B
886 B 981ms
229ms XHR
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_aid=cji599zdy7vhcdc8.1622787229.des&orig_aid=cji599zdy7vhcdc8.1622787229.des&myvne_user_id=0
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5498c97ef258d3703a0d206ef1a06404e928092a5869309ff52123a91051c993

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Jun 2021 13:13:50 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H/1.1 200
OK get Show response
la.vnecdn.net/ 288 B
474 B 1235ms
237ms Script
application/javascript 180.148.141.233
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://la.vnecdn.net/get?action_name=vnexpress.net%2FVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&idsite=6&rec=1&r=610276&h=8&m=13&s=49&url=https%3A%2F%2Fvnexpress.net%2F&urlref=https%3A%2F%2Fvnexpress.net%2F&_id=dcfb7c3c6ea3063e&_idts=1622787229&_idvc=1&_idn=1&_refts=0&_viewts=1622787229&cvar=%7B%222%22%3A%5B%22tt_category_id%22%2C%221000000%22%5D%2C%223%22%3A%5B%22tt_article_id%22%2C%221000000%22%5D%2C%226%22%3A%5B%22keyword%22%2C%22VnExpress%2C%20tin%20t%E1%BB%A9c%2C%20tin%20the%20gioi%2C%20tin%20nhanh%2C%20tin%20tuc%20viet%20nam%2C%20doc%20bao%20VnExpress%20tin%20t%E1%BB%A9c%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20-%20Th%C3%B4ng%20tin%20nhanh%20%26%20ch%C3%ADnh%20x%C3%A1c%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%ADp%20nh%E1%BA%ADt%20h%C3%A0ng%20gi%E1%BB%9D.%20%C4%90%E1%BB%8Dc%20b%C3%A1o%20tin%20t%E1%BB%A9c%20online%20Vi%E1%BB%87t%20Nam%20%26%20Th%E1%BA%BF%20gi%E1%BB%9Bi%20n%C3%B3ng%20%22%5D%7D&cookie=1&res=1600x1200&_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22cji599zdy7vhcdc8.1622787229.des%22%5D%7D&gt_ms=426&fosp_id=cji599zdy7vhcdc8.1622787229.des
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.141.233 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: fe8eb198a315d2b2646e15b00d02bcb13d98ca5267b5a46744397e8ad07e674e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/javascript
Content-Length: 288
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE IND PHY ONL COM NAV OTC NOI DSP COR IDC'

GET
H/1.1 204
No Content get
la2.vnecdn.net/ 0
197 B 704ms
231ms Image
text/plain 180.148.132.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://la2.vnecdn.net/get?app_id=100&ss_id=0&pg_id=f3f12c5ec53cea8628991893ccb6bc41&site_id=1000000&page_type=1&idsite=1000000&type=site&fid=1000000&aid=1000000&fosp_aid=cji599zdy7vhcdc8.1622787229.des&orig_aid=cji599zdy7vhcdc8.1622787229.des&fosp_country=&fosp_gender=&fosp_ip=&fosp_isp=&fosp_zone=&fosp_location=&adblock=0&myvne_user_id=0&referrer=https%3A%2F%2Fvnexpress.net%2F&url=https%3A%2F%2Fvnexpress.net%2F&publication=&author=&article_type=&wordcount=&list_folder=1000000&vn_source=&vn_medium=&vn_campaign=&vn_term=&vn_content=&utm_source=&utm_medium=&utm_campaign=&utm_term=&utm_content=&index_topic=0&index_format=0&index_type=&r=0.9696367236332473&v=0809&action=pv
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FT /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 04 Jun 2021 06:13:50 GMT
Cache-Control: no-cache
Server: FT
Connection: keep-alive
Expires: Fri, 04 Jun 2021 06:13:49 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DQJ7NF9DN2&gtm=2oe621&_p=130940412&sr=1600x1200&_gaz=1&ul=en-us&cid=946823756.1622787229&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1622787229&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
stats.g.doubleclick.net/g/ 0
17 B 40ms
19ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQJ7NF9DN2&cid=946823756.1622787229&gtm=2oe621&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
49ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQJ7NF9DN2&cid=946823756.1622787229&gtm=2oe621&aip=1&z=1684736111

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
135 B 26ms
25ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-57577CKS2C&gtm=2oe621&_p=130940412&sr=1600x1200&_gaz=1&ul=en-us&cid=946823756.1622787229&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1622787229&sct=1&seg=0&en=page_view&_fv=2&_ss=1&_c=1&ep.vn_segment=%7Bvn_segment%7D%7D&up.page_category=Home&up.page_category_id=1000000&up.page_subcategory_id=&up.page_type=Home&up.page_platform=Web&up.user_logged_in=No
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
stats.g.doubleclick.net/g/ 0
17 B 26ms
19ms Ping
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-57577CKS2C&cid=946823756.1622787229&gtm=2oe621&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
48ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57577CKS2C&cid=946823756.1622787229&gtm=2oe621&aip=1&z=630405845

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-169340704-1&cid=946823756.1622787229&jid=1017813775&gjid=1692034816&_gid=1114537071.1622787229&_u=aGDAgEADQAAAAE~&z=1441204251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Jun 2021 06:13:49 GMT
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=130940412&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAE~&jid=1017813775&gjid=1692034816&cid=946823756.1622787229&tid=UA-169340704-1&_gid=1114537071.1622787229&gtm=2wg621N3FNJF&cg1=Home&cg4=Home&cd1=1000000&cd2=Home&cd3=&cd5=Home&cd6=Web&cd55=946823756.1622787229&z=508566631

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:46:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9294.EaMu8WsOP51QbRZQKoB_1gNKe9jyqeCkSJHMEnbXL8k2lmp5Iz8WWkyF5xgIVlAF.F2uNT_MKsJSTMACd8pFCz6PkOzo%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9294.3_5dCfJylpUxoheH782NvQHd6cZZbLvrrXJHDSrp29B_LuFL-8GvfQc2Hw0xdrYv9UcpNZbT4fslS--hE_-lAA%2C%2C.VenbMku1298wZTVZ75DnmBHmjjc%2C

75 B
75 B

45ms
45ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9294.3_5dCfJylpUxoheH782NvQHd6cZZbLvrrXJHDSrp29B_LuFL-8GvfQc2Hw0xdrYv9UcpNZbT4fslS--hE_-lAA%2C%2C.VenbMku1298wZTVZ75DnmBHmjjc%2C

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9294.3_5dCfJylpUxoheH782NvQHd6cZZbLvrrXJHDSrp29B_LuFL-8GvfQc2Hw0xdrYv9UcpNZbT4fslS--hE_-lAA%2C%2C.VenbMku1298wZTVZ75DnmBHmjjc%2C
date: Fri, 04 Jun 2021 06:13:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 45ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
last-modified: Thu, 03 Jun 2021 20:58:15 GMT
etag: "60b77459-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Jun 2021 07:13:49 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 45 B
229 B 400ms
101ms Script
application/javascript 23.21.224.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=adAsiaTM.writeIpData
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.224.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-224-49.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: cfd8d4e3f8de816bd53eb22bc272ade620d73bfcba29b43f442a386c89ddd1a9

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:50 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 45
Vary: Origin
Content-Type: application/javascript

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
94 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 23:24:35 GMT
x-content-type-options: nosniff
age: 24555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95931
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jun 2022 23:24:35 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2060/ 35 KB
12 KB 82ms
25ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/2060/smart.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f4a1f2dfe79b751c36aca5e01379145e3842614d4363b6384267f0b514abd133

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:50 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=154
Content-Length: 12553
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H3-29 200 atmSticky.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/library/ 6 KB
6 KB 36ms
9ms Script
application/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/atmSticky.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 57b34107b8f7999e55b91489c92d84cb8b966dc48efaf173ea6e3333b39ef1c9

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:17 GMT
age: 1172
x-guploader-uploadid: ABg5-UxhGAyqlSdYHx6hkZTtmtnAbFEo8Q2GsIvgPHWqip8NkVre4LE5uLRr78Pnfabr5Ix_vlOnc5_woowMS7SmbLM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
last-modified: Fri, 24 Aug 2018 08:30:39 GMT
server: UploadServer
etag: "0f158b74b82b73279189624ff4bee981"
x-goog-hash: crc32c=HUYPNw==, md5=DxWLdLgrcyeRiWJP9L7pgQ==
x-goog-generation: 1535099439593447
cache-control: public, max-age=31536000
x-goog-stored-content-length: 6232
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 04 Jun 2022 05:54:17 GMT

GET
H3-29 200 domain.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 11 KB
11 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/domain.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 693fbd0ab5fc53069137459b79a060d087dc2a1ce0c5e13277297799a38ce621

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:49:57 GMT
age: 1432
x-guploader-uploadid: ABg5-UxVI-w0YLaR3jwzXiHuzXRXAbfmVCF1zudFqo0ppMbZU7B1HsZW--B33VYAloZ83q7I75U0C4wz3B0ysLG-WrE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11525
last-modified: Tue, 27 Oct 2020 09:28:39 GMT
server: UploadServer
etag: "9ea740f3ffa53339fa0a55540ed53fd8"
x-goog-hash: crc32c=IZZ5fQ==, md5=nqdA8/+lMzn6ClVUDtU/2A==
x-goog-generation: 1603790919481748
cache-control: public, max-age=3600
x-goog-stored-content-length: 11525
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 04 Jun 2021 06:49:57 GMT

GET
H3-29 200 vn_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 97 B
124 B 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/vn_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bbfab80d791a853415a874777184fa442df7d5f61e4da3171bfb5278e16cc6bf

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:45:15 GMT
age: 1714
x-guploader-uploadid: ABg5-UxjxHxzE0OA88qr02QgABTpTLJ3uXvzm3qNGlC8rSLMd3yrmbd2E42iMEPsqjXfoq63q28a-eS7OFPEAAb1cJg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
last-modified: Tue, 20 Aug 2019 03:10:31 GMT
server: UploadServer
etag: "9ab805e8e5990ef2f6e5490772bebde8"
x-goog-hash: crc32c=yqWvcg==, md5=mrgF6OWZDvL25UkHcr696A==
x-goog-generation: 1566270631279906
cache-control: public, max-age=3600
x-goog-stored-content-length: 97
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 04 Jun 2021 06:45:15 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
38 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJGNLDW&l=adAsiaDataLayer

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c68bcc46dd3611e973e651a6c7dfa131a61468552cee3870c9bf9b207ab1839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39190
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:49 GMT

GET
H2 200 adasia.js Show response
cdn.hbplatform.com/adasia/tags/2/1121/ 53 KB
16 KB 41ms
6ms Script
application/javascript 2600:1901:0:98f7::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hbplatform.com/adasia/tags/2/1121/adasia.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:98f7:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8327b8e8cf877b87688ffc35ac6117b1632c0916e128ee022a8a97a8f53017b1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:49:16 GMT
content-encoding: gzip
age: 1474
x-guploader-uploadid: ABg5-UxJVdl2G-crHSsnATbsO47mpouMjRBTn2nAb_YvI0Twp6FqpwI5dJzRLMH0wKRiGgu35dSD17c3jvXn6vaVa5El0fwGrA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 15806
last-modified: Wed, 02 Jun 2021 03:51:13 GMT
server: UploadServer
etag: "2cc0fc6e4711fb90a33fd00f5ac57395"
vary: Accept-Encoding
x-goog-hash: crc32c=p/At9g==, md5=LMD8bkcR+5CjP9APWsVzlQ==
x-goog-generation: 1622605873646236
cache-control: public, max-age=1800
x-goog-stored-content-length: 15806
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
expires: Fri, 04 Jun 2021 06:19:16 GMT

GET
H2 200 adsbyeclick.js Show response
scdn.eclick.vn/delivery/asset/324297083/ 25 KB
10 KB 30ms
7ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.eclick.vn/delivery/asset/324297083/adsbyeclick.js
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/eclick.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: fdef617a43d55e729cf502763d6f83b4db3e916ef26999422227c2564a30c9e6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 04:37:20 GMT
server: keycdn-engine
link: <http://s.eclick.vn/delivery/asset/324297083/adsbyeclick.js>; rel="canonical"
x-edge-location: defr
etag: W/"60a5e780-621f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-shield: active
expires: Fri, 04 Jun 2021 07:13:50 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/62978707/
Redirect Chain

https://mc.yandex.com/watch/62978707?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A463%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A463%3Afu%3A1%3Aen%3Autf-8%3Ala%3A...

236 B
318 B

45ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A463%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A1506790211772%3Ahid%3A391675299%3Az%3A120%3Ai%3A20210604081349%3Aet%3A1622787230%3Ac%3A1%3Arn%3A5956569%3Au%3A1622787230796261105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622787228822%3Ads%3A0%2C0%2C413%2C13%2C1%2C0%2C%2C82%2C1%2C%2C%2C%2C499%3Adsn%3A0%2C0%2C412%2C14%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C499%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622787230%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c24ed4ecefc330034306015d331ef8c362cad5198df653f7e323966e1b329043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 04-Jun-2021 06:13:49 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 236
x-xss-protection: 1; mode=block
expires: Fri, 04-Jun-2021 06:13:49 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:49 GMT
last-modified: Fri, 04-Jun-2021 06:13:49 GMT
location: /watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A463%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A1506790211772%3Ahid%3A391675299%3Az%3A120%3Ai%3A20210604081349%3Aet%3A1622787230%3Ac%3A1%3Arn%3A5956569%3Au%3A1622787230796261105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622787228822%3Ads%3A0%2C0%2C413%2C13%2C1%2C0%2C%2C82%2C1%2C%2C%2C%2C499%3Adsn%3A0%2C0%2C412%2C14%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C499%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622787230%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t
strict-transport-security: max-age=31536000
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 04-Jun-2021 06:13:49 GMT

GET
H2 200 Merriweather-Bold.woff2
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/fonts/ 59 KB
60 KB 216ms
216ms Font
application/octet-stream 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/fonts/Merriweather-Bold.woff2
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506

Request headers

Origin: https://vnexpress.net
Referer: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-ed40"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 60736
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 Merriweather-Regular.woff2
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/fonts/ 61 KB
61 KB 396ms
396ms Font
application/octet-stream 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/fonts/Merriweather-Regular.woff2
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae

Request headers

Origin: https://vnexpress.net
Referer: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-f2a8"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 62120
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 prebid.js Show response
cdn.fuseplatform.net/adasia/tags/2/1121/ 249 KB
78 KB 27ms
7ms Script
application/javascript 2600:1901:0:14e5::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/adasia/tags/2/1121/prebid.js
Requested by: Host: cdn.hbplatform.com
URL: https://cdn.hbplatform.com/adasia/tags/2/1121/adasia.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:14e5:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 13791f74085348e02137240ad8a3fa0f5b85c92c2b04867b064f2e8bda4733a0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:02:22 GMT
content-encoding: gzip
age: 688
x-guploader-uploadid: ABg5-UxRLxnHY-by_ABQipG-0qOkKoISXoMcMRPgIdZfrk67ElwTOJDnV-uwDgcIoJLAv3_SDVLXSaPxupDt9prvwK8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 79353
last-modified: Mon, 16 Nov 2020 06:56:24 GMT
server: UploadServer
etag: "3a55bf7e0d0dcf5840cafc850adf7d3f"
vary: Accept-Encoding
x-goog-hash: crc32c=4Cx9rw==, md5=OlW/fg0Nz1hAyvyFCt99Pw==
x-goog-generation: 1605509784906332
cache-control: public, max-age=1800
x-goog-stored-content-length: 79353
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
expires: Fri, 04 Jun 2021 06:32:22 GMT

GET
H/1.1 200
OK eclookup.html Show response
g.eclick.vn/delivery/ Frame E592 5 KB
3 KB 963ms
217ms Document
text/html 111.65.249.225
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.eclick.vn/delivery/eclookup.html?fosp_aid=cji599zdy7vhcdc8.1622787229.des&orig_aid=cji599zdy7vhcdc8.1622787229.des&myvne_user_id=0
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/asset/324297083/adsbyeclick.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.225 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710

Request headers

Host: g.eclick.vn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Server: nginx/1.12.2
Date: Fri, 04 Jun 2021 06:13:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK fopt.js Show response
adp.vnecdn.net/ 139 B
691 B 229ms
229ms Script
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/fopt.js?aid=cji599zdy7vhcdc8.1622787229.des
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ce4e2f85e3de28b69ec7582d9ae02cfef2caa132ebcd204fa7fe5c5c6af86253

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Jun 2021 13:13:50 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: max-age=86400, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Expires: Sat, 05 Jun 2021 14:13:50 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 07:13:43 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
186 B 58ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=75375130586
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Fri, 04 Jun 2021 06:13:49 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 auction Show response
rtb.adxpremium.services/openrtb2/ 325 B
897 B 259ms
241ms XHR
application/json 2606:4700:e6::ac40:c319
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0696cfeb70e138eb8c3b91789e0ad7999759537d53abc185595e2ae9967645

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a774123bf000005bbfca74000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ylGK%2FIBi4VmW3%2FTWJEfsXF0Wh0RBCbP8PuRIsObJxHm4X%2F2BOKFemDQESTqffo3qKHGtrmuZo9xuKx6fubFP99gM4sIt0OGm%2B5UHAWXTpIRI6uFX5fwesKDWLH6JhLLettj%2BRIJP9Fwa8z6RH9S6xhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 659f047f9fcc05bb-FRA
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
713 B 48ms
17ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.81:80
AN-X-Request-Uuid: 84a7625f-581d-4e57-a4d3-02694c7e5348
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET arj
ureka-d.openx.net/w/1.0/ 0
0

POST
H2 200 bid-request Show response
rtb.adpone.com/ 727 B
714 B 64ms
40ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1201181228390
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0956e10d2aea9078e471dbdef07d31fc46d2ab3117e50daf1165d33b44d4c20

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aOr8nWPKMS8iP13kgJklu%2BkTfefEIMbaPIoy3%2FnSSSsqrbJPEWtnO%2FAeTO5oSRQ%2F8C02nIv9Bb9N3mi2PYOM5kOKxWZjpih5gi%2BK0sf%2B%2FVWkqYusXB076cpfoNwRGHOvavqhpoK78A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659f047fa8be4de2-FRA
cf-request-id: 0a774123c900004de25c1d3000000001

POST
H2 200 bid-request Show response
rtb.adpone.com/ 765 B
727 B 70ms
46ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25352926b5c64cad67d81343ab4569d4c848a2a7e887c004348b1c3d66fc198f

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LJXWfwayCgOsnuXC0rLwHARhPDGgE2Alqrg66uItC7j0AaVySeKIj1%2FaZZ8fgQemh8ctw4NbiX1gYaJ5HUA9QpmekDgx8IPY62CydPFPEDDZm5VwzlNODo7HSLXE2ud%2BsNjPfN7G%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659f047fa8c04de2-FRA
cf-request-id: 0a774123c900004de26f871000000001

POST
H2 200 bid-request Show response
rtb.adpone.com/ 765 B
992 B 61ms
38ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be7368e0f4ce7bc15dcebc8245dddcb9bae48ca2a50178109620ce4f5e4d07d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r06Qx6NE8RLV%2BBaiva%2BqpQoH7IEgPg1mtSuXI5ANTebCPZIsvzrXQHADObmFKiNQhKQyg8mnOzxedF%2BUss1l9KugqlnjS%2BkUp2d0gn%2BStLxpkFVZXT0tWg0ZRbJFiVlkUPafevJqow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659f047fa8c14de2-FRA
cf-request-id: 0a774123c900004de2823a3000000001

POST
H2 200 bid-request Show response
rtb.adpone.com/ 765 B
725 B 67ms
44ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 743646567a4f543c24f68edca119af892f59de506a146c3a0e5285181b8d6d75

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t%2BaAYaPss8bSKJfHuYbqRnHnYk0ZUHnY6EDe9krJf9iw9pWgqQbMLkL8iaA9xANKVO8ovQugn8XeLGrdMU7Rh9sv1mCSnKV1Z%2FUl4%2Bvk8vceDglWuPeQ6BLN3j6s50lIxnLc7qIpYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659f047fa8c24de2-FRA
cf-request-id: 0a774123c900004de2b5340000000001

POST
H2 200 bid-request Show response
rtb.adpone.com/ 732 B
710 B 62ms
39ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b53395330a1ee3b7643e963a119021bb8f527550b321d4c1e70ded8bf86a0e62

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cWp7DLtmt39dsPhrfhqRx0uREBgUDgCdy81WvSjnGupJ7gnoSl%2BciYY54nwKQUsBr53eCIBNIU9x7o87Cgw1aCp%2F8YWrufQPDPbW1ncnSgvLX5bCT6yXlrQxjHz0egaNUmGPfJBEFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659f047fa8c44de2-FRA
cf-request-id: 0a774123c900004de25fa5a000000001

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 143ms
111ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Fri, 04 Jun 2021 06:13:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
175 B 479ms
162ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Fri, 04 Jun 2021 06:13:51 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=07d2b414-c4fc-11eb-982b-156973b60106

0
588 B

14ms
14ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=07d2b414-c4fc-11eb-982b-156973b60106
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Fri, 04 Jun 2021 06:13:50 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 12
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Fri, 04 Jun 2021 06:13:50 GMT
Server: nginx
Location: /partner?source=307342&sync_limit=5&__user_check__=1&sync_id=07d2b414-c4fc-11eb-982b-156973b60106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 5
Connection: keep-alive
Content-Length: 0

GET
H2 200 hls.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/vod/ 239 KB
70 KB 221ms
220ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/vod/hls.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-3bc3b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 embed_vod.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/ 55 KB
15 KB 409ms
408ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/embed_vod.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: a6fd348793c16aaf8ad37966e528325582aad94ffbe93729bc6ab51fe9c639f5

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-dcbf"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 video-js.css
s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/vod/ 75 KB
23 KB 407ms
407ms Stylesheet
text/css 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/vod/video-js.css
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/vod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-12c5c"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 ads.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/vod/ 29 KB
7 KB 409ms
408ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/vod/ads.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-7595"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 covid.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/widget/ 36 KB
9 KB 310ms
310ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/widget/covid.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/blocks/site/1000000.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: fdde09ec902ff630c0ee1f01f78665b4da34a828bf30c70e6dc85cd23cb20fc1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 03:56:52 GMT
etag: W/"609ca384-8eb7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 home Show response
vnexpress.net/microservice/ 371 KB
60 KB 252ms
251ms Fetch
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/home

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/blocks/site/1000000.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

677whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

16d6cac734ab48ecb1eec6cb659721f8a10196eadf2dd95f61f15db5c38d85e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/home
pragma: no-cache
cookie: device_env=4; sw_version=1; _efr=1622787180000; _gid=GA1.2.1114537071.1622787229; _dc_gtm_UA-50285069-28=1; fosp_aid=cji599zdy7vhcdc8.1622787229.des; orig_aid=cji599zdy7vhcdc8.1622787229.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22cji599zdy7vhcdc8.1622787229.des%22%5D%7D; _pk_id=dcfb7c3c6ea3063e.1622787229.1.1622787229.1622787229.; _pk_ses=*; _ga_DQJ7NF9DN2=GS1.1.1622787229.1.0.1622787229.60; _ga_57577CKS2C=GS1.1.1622787229.1.0.1622787229.60; _ga=GA1.2.946823756.1622787229; _dc_gtm_UA-169340704-1=1; _ym_uid=1622787230796261105; _ym_d=1622787230; _ym_isad=2; _ym_visorc=b; adAsiaUserIp=89.249.64.171; display_cpd=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 677whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 th Show response
gw.vnexpress.net/ 39 KB
7 KB 991ms
224ms Fetch
application/json 180.148.132.75
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.vnexpress.net/th?types=gia_vang_v2,ty_gia_vcb,data_shop_v2_home_vne_160,data_egift,data_shop_v2_home,rao_vat_v2,ewiki,bank_rate_offline,bank_rate_online
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/blocks/site/1000000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-ams_global_139_54 /
Resource Hash: 7ae835aa3ea5b0d70cc0a7a1af1394545e3082cb20ec5e5dd0e87584e61c5cae

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
server: FPT-ams_global_139_54
x-kong-server: kong_api_139_55
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
via: kong/1.2.1

GET
H2 200 4245034 Show response
vnexpress.net/microservice/getconsultants/aid/ 33 KB
7 KB 702ms
701ms Fetch
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/getconsultants/aid/4245034

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/blocks/site/1000000.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

677whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

d7a18af60149d105e1df041653f4306ba534e6d39ec10c1886ee31644e9306a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/getconsultants/aid/4245034
pragma: no-cache
cookie: device_env=4; sw_version=1; _efr=1622787180000; _gid=GA1.2.1114537071.1622787229; _dc_gtm_UA-50285069-28=1; fosp_aid=cji599zdy7vhcdc8.1622787229.des; orig_aid=cji599zdy7vhcdc8.1622787229.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22cji599zdy7vhcdc8.1622787229.des%22%5D%7D; _pk_id=dcfb7c3c6ea3063e.1622787229.1.1622787229.1622787229.; _pk_ses=*; _ga_DQJ7NF9DN2=GS1.1.1622787229.1.0.1622787229.60; _ga_57577CKS2C=GS1.1.1622787229.1.0.1622787229.60; _ga=GA1.2.946823756.1622787229; _dc_gtm_UA-169340704-1=1; _ym_uid=1622787230796261105; _ym_d=1622787230; _ym_isad=2; _ym_visorc=b; adAsiaUserIp=89.249.64.171; display_cpd=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 677whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 zepto.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/libs/ 39 KB
12 KB 218ms
218ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/libs/zepto.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
etag: W/"6093454f-9c7d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 simple-scrollbar.min.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/libs/ 4 KB
2 KB 217ms
217ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/libs/simple-scrollbar.min.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
etag: W/"6093454f-10a7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 usi.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/ 10 KB
3 KB 218ms
218ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/usi.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: d6e3b5703ddd016c902373aed3e30d9532fc56bb712addc7365664d73e02d584

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 09:08:48 GMT
etag: W/"60af61a0-298b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:50 GMT

GET
H2 200 eclick_logo.png
static.eclick.vn/delivery/css/images/graphics/ 2 KB
2 KB 1001ms
229ms Image
image/png 111.65.249.131
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eclick.vn/delivery/css/images/graphics/eclick_logo.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.131 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_36 /
Resource Hash: 28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Tue, 28 Apr 2020 05:02:00 GMT
server: FPT-static_eclick_141_36
etag: "5ea7b8c8-76a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1898
expires: Sun, 04 Jul 2021 06:13:51 GMT

GET
H2 200 gg-1622777796-8760-1622777969.jpg
vcdn1-suckhoe.vnecdn.net/2021/06/04/ 17 KB
18 KB 8ms
6ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-suckhoe.vnecdn.net/2021/06/04/gg-1622777796-8760-1622777969.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=Q40ckZbgzCHx2pH1XnZ31w
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 78694eea42993409215dd038b586ee86c1e314460b58ca4441f5fda36dedce44

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Fri, 04 Jun 2021 03:41:07 GMT
server: keycdn-engine
link: <http://i1-suckhoe.vnecdn.net/2021/06/04/gg-1622777796-8760-1622777969.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=Q40ckZbgzCHx2pH1XnZ31w>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 17691
expires: Sat, 04 Jun 2022 12:02:50 GMT

GET
H2 200 1000-1622781326-8065-1622781421.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 14 KB
15 KB 8ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/1000-1622781326-8065-1622781421.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=SKEK26QobWEp0IDKG2zhLw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: fe089a44eef9aee80ece8d6836c5fcbd964c16d720aa918a5a0ff0da028416e4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Fri, 04 Jun 2021 04:37:18 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/1000-1622781326-8065-1622781421.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=SKEK26QobWEp0IDKG2zhLw>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 14571
expires: Sat, 04 Jun 2022 12:02:50 GMT

GET
H2 200 XuanNgocCuuPhochutichPhuYen1-1-2602-1729-1622782268.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 39 KB
39 KB 14ms
12ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/XuanNgocCuuPhochutichPhuYen1-1-2602-1729-1622782268.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=xsdJJsBkJsEWQUYJNJKI2Q
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: bad8f3f5c56ccff8f84e17cfeb6f423499ff60395f6b944573337604a3c55729

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Fri, 04 Jun 2021 04:51:27 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/XuanNgocCuuPhochutichPhuYen1-1-2602-1729-1622782268.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=xsdJJsBkJsEWQUYJNJKI2Q>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 39603
expires: Sat, 04 Jun 2022 12:02:50 GMT

GET
H2 200 1-1622777654-4406-1622777697.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 11 KB
11 KB 19ms
18ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/1-1622777654-4406-1622777697.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=sJbKAbchnlNlwTb4DZ-3Ow
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 41236151b4b86d0524124513a83612ab4fca5af59ac0b5e9e7640a4976778350

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Fri, 04 Jun 2021 03:35:06 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/1-1622777654-4406-1622777697.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=sJbKAbchnlNlwTb4DZ-3Ow>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 10874
expires: Sat, 04 Jun 2022 12:02:50 GMT

GET
H2 200 cacloaivaccine1mp400001108stil-9910-6653-1622772068.png
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 32 KB
33 KB 19ms
18ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/cacloaivaccine1mp400001108stil-9910-6653-1622772068.png?w=220&h=132&q=100&dpr=1&fit=crop&s=h7bYGRxa7Dn7aKh-lAdXBw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 60d6d20e0b165b589f3424d8b4b0f76ca317d2d7d05cc31bba0b3a888daae40a

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Fri, 04 Jun 2021 02:01:23 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/cacloaivaccine1mp400001108stil-9910-6653-1622772068.png?w=220&h=132&q=100&dpr=1&fit=crop&s=h7bYGRxa7Dn7aKh-lAdXBw>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 33017
expires: Sat, 04 Jun 2022 12:02:50 GMT

GET
H2 200 cuuhoa-1622781574-4767-1622781605.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 11 KB
11 KB 24ms
23ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/cuuhoa-1622781574-4767-1622781605.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=7cY9zQDDp-i1CIW1TsxARw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 6e4a2fc305aea9f7e9c57e7882e06153e90c7db71b6600d98ebb462d08e86c12

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Fri, 04 Jun 2021 04:42:53 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/cuuhoa-1622781574-4767-1622781605.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=7cY9zQDDp-i1CIW1TsxARw>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 11232
expires: Sat, 04 Jun 2022 12:02:50 GMT

GET
H2 200 AstraZeneca020621-1622775529-5055-1622778065.jpg
vcdn1-suckhoe.vnecdn.net/2021/06/04/ 18 KB
19 KB 13ms
12ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-suckhoe.vnecdn.net/2021/06/04/AstraZeneca020621-1622775529-5055-1622778065.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=XdgIqUAFEfXj8yCzBRRBQA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b845cc761bcdc97fdd5108472145f300a11a6dc6446b1e0edbf293fcf9c25c3c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Fri, 04 Jun 2021 03:41:41 GMT
server: keycdn-engine
link: <http://i1-suckhoe.vnecdn.net/2021/06/04/AstraZeneca020621-1622775529-5055-1622778065.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=XdgIqUAFEfXj8yCzBRRBQA>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 18610
expires: Sat, 04 Jun 2022 12:02:50 GMT

GET
H2 200 55631871721476a-ufo-1363-16164-7449-9352-1622779419.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 16 KB
16 KB 24ms
24ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/55631871721476a-ufo-1363-16164-7449-9352-1622779419.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=oFN_OVyuRlXxM4KAEu6-LA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: f838a783f1e2c3d9a71f360d449ef72f52a59b4ba07855ca1cd41459bb0cea50

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:50 GMT
last-modified: Fri, 04 Jun 2021 04:04:19 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/55631871721476a-ufo-1363-16164-7449-9352-1622779419.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=oFN_OVyuRlXxM4KAEu6-LA>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 16361
expires: Sat, 04 Jun 2022 12:02:50 GMT

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 222ms
222ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=c0b97a89-f683-479d-afab-36e784ab08e8
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:13:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 443ms
221ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=c0b97a89-f683-479d-afab-36e784ab08e8
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:13:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

POST
H/1.1 200
OK p Show response
octopus-stream01-cads.fpt.vn/analytics/ 17 B
199 B 892ms
224ms XHR
application/octet-stream 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/p
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 04 Jun 2021 06:13:51 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H2 200 video.lib.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/vod/ 461 KB
131 KB 225ms
224ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v2/helper/vod/video.lib.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-73376"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 covid19_2021_by_location Show response
vnexpress.net/microservice/sheet/type/ 13 KB
1 KB 379ms
379ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/sheet/type/covid19_2021_by_location

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/widget/covid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

677whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

e63c80d00a745ebf3f7461021781c798604a3a9bd97b2ba34139ef8e203af5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/sheet/type/covid19_2021_by_location
pragma: no-cache
cookie: device_env=4; sw_version=1; _efr=1622787180000; _gid=GA1.2.1114537071.1622787229; _dc_gtm_UA-50285069-28=1; fosp_aid=cji599zdy7vhcdc8.1622787229.des; orig_aid=cji599zdy7vhcdc8.1622787229.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22cji599zdy7vhcdc8.1622787229.des%22%5D%7D; _pk_id=dcfb7c3c6ea3063e.1622787229.1.1622787229.1622787229.; _pk_ses=*; _ga_DQJ7NF9DN2=GS1.1.1622787229.1.0.1622787229.60; _ga_57577CKS2C=GS1.1.1622787229.1.0.1622787229.60; _ga=GA1.2.946823756.1622787229; _dc_gtm_UA-169340704-1=1; _ym_uid=1622787230796261105; _ym_d=1622787230; _ym_isad=2; _ym_visorc=b; adAsiaUserIp=89.249.64.171; display_cpd=1; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3; f_opt=a%257B%2522id%2522%253bA%2522cji599zdyc7vhcdc8.16227d87229.des%2522%25e2C%2522utime%25221%253A16227872302%257D; fpt_uuid=%22c0b97a89-f683-479d-afab-36e784ab08e8%22; ajs_group_id=null
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 677whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
v-type: 1
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 1 KB
1 KB 1182ms
222ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4288991-1;4289020-1;4288927-1;4288740-1;4288865-1;4288949-1;4288856-1;4289002-1;4288959-1;4288755-1;4289005-1;4288932-1;4288955-1;4288041-1;4288326-1;4288931-1;4288323-1;4288781-1;4288458-1;4288713-1;4288805-9;4288912-1;4288819-1;4288803-1&
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10277inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 00f8e70e5cca0acf651b7015decad2f6cffcaa252fec8ede2c28aa50eac2e3dc

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=30
last-modified: Fri, 04 Jun 2021 06:13:37 GMT
server: 10277inhcdd10bf7c7468e873e79ba2ad134
etag: "BYr9qjkFBLpgI6jjoxlS0g=="
content-length: 1138
content-type: text/javascript; charset=utf-8

GET
H2 200 myvne_users_redesign.js Show response
s1cdn.vnecdn.net/myvne/j/v5/ 41 KB
10 KB 7ms
6ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/myvne/j/v5/myvne_users_redesign.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 98299e7fdaea04de37a4a123fd9cef3055d82d786c7d1b31aac0f5d695c81143

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Fri, 23 Apr 2021 08:24:44 GMT
server: keycdn-engine
etag: W/"6082844c-a31f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/myvne/j/v5/myvne_users_redesign.js>; rel="canonical"
expires: Sat, 04 Jun 2022 12:02:51 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 27ms
27ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 27ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 125 KB
28 KB 343ms
342ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=486255244444979&correlator=2741042900896577&output=ldjh&impl=fifs&eid=31061371%2C21064367%2C21068110%2C31060412%2C31061142&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CMasthead%2CHome%2CLarge1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F4&prev_iu_szs=320x50%7C1x1%7C728x90%7C900x225%7C970x250%7C1200x150%7C1800x180%7C1920x270%2C320x50%7C1x1%7C300x500%7C300x450&fluid=height%2Cheight&prev_scp=hb_format_adpone%3Dbanner%26hb_source_adpone%3Dclient%26hb_size_adpone%3D0x0%26hb_pb_adpone%3D0.40%26hb_adid_adpone%3D638d8eeab26f77a%26hb_bidder_adpone%3Dadpone%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D0x0%26hb_pb%3D0.40%26hb_adid%3D638d8eeab26f77a%26hb_bidder%3Dadpone%7Chb_format_adpone%3Dbanner%26hb_source_adpone%3Dclient%26hb_size_adpone%3D300x250%26hb_pb_adpone%3D0.50%26hb_adid_adpone%3D65936093e66dccf%26hb_bidder_adpone%3Dadpone%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.50%26hb_adid%3D65936093e66dccf%26hb_bidder%3Dadpone&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D1%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1622787231&dt=1622787231174&dlt=1622787229239&idt=221&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1050&adys=0%2C391&adks=1832943895%2C1680299014&ucis=1%7C2&ifi=1&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x270%7C300x0&msz=1600x0%7C300x0&ga_vid=946823756.1622787229&ga_sid=1622787231&ga_hid=130940412&ga_fc=false&ga_cid=1114537071.1622787229&fws=4%2C4&ohw=1600%2C300&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

09cfecd1d412733f90e2f18a56072aa9ec222cf0669271d4bdf6b90d0687eb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28549
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 72ms
20ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 174ms
173ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=486255244444979&correlator=1902954816795025&output=ldjh&impl=fifs&eid=31061371%2C21064367%2C21068110%2C31060412%2C31061142&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CLarge2%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C300x250%7C300x300%7C300x500%7C300x540%7C300x600&fluid=height&prev_scp=hb_format_adpone%3Dbanner%26hb_source_adpone%3Dclient%26hb_size_adpone%3D300x250%26hb_pb_adpone%3D0.50%26hb_adid_adpone%3D612a86688723e74%26hb_bidder_adpone%3Dadpone%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.50%26hb_adid%3D612a86688723e74%26hb_bidder%3Dadpone&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D1%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1622787231&dt=1622787231180&dlt=1622787229239&idt=221&frm=20&biw=1600&bih=1200&oid=3&adxs=1030&adys=3838&adks=4260787118&ucis=3&ifi=3&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x250&ga_vid=946823756.1622787229&ga_sid=1622787231&ga_hid=130940412&ga_fc=false&ga_cid=1114537071.1622787229&fws=516&ohw=340&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bec1563922472b83555ebc07a1a592ac72c44e300f6352746eaa91ede53c6720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7879
x-xss-protection: 0
google-lineitem-id: 5260177185
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138299409600
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 57ms
56ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=486255244444979&correlator=2522557489092560&output=ldjh&impl=fifs&eid=31061371%2C21064367%2C21068110%2C31060412%2C31061142&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CRichmedia%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1&fluid=height&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D1%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1622787231&dt=1622787231183&dlt=1622787229239&idt=221&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=4285&adks=3988550624&ucis=4&ifi=4&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=946823756.1622787229&ga_sid=1622787231&ga_hid=130940412&ga_fc=false&ga_cid=1114537071.1622787229&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d7b5a36d61bc8b3f4da377120e1fcd30b34783b28e49ea71f52355b260aa9485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4349
x-xss-protection: 0
google-lineitem-id: 5632170936
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138341523710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DBB 0
0 24ms
23ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs9-62If5XgzWQhaWtpzHgnTVpBmp2SQyfvZN-EXhBN2E2BfyjR161LrFZpcv71WOA1GXYXnWe5jyXKFyOatUaQdGFbZmisSk3iZhzDCV38BMGwDfdlcS5OSGe--BSz1eEWO3kMpgSI67nAVAvwBu3LwiYp_yXdi8yUYgT-o5NgfeWgm9YIDUgEo5kfLbFyOcQQ1IK9GasndTjYJyGiza6-NTg56OjBcUIxT98m2oR6_CU6wEwxOE4WljmUDH7Yo5CLS5r9Ij0-0qUU04jV2sk9AA-6e8u1VwH2PW8DkCe61mkJQqU7bgBqADQv8WCS2PL3Owp07FUL8C7Obc5&sai=AMfl-YTYamLIvgSAKE8oUlLdre_6v6hCvwv-751Xg76oDWkgaorBMRplm313B1HNQaIC-OXoN56coCY_mwdp7mlCZmqDA7pghvckqcEm91UaqPxxQhCZOz0_CKSMHnAh7pRa&sig=Cg0ArKJSzHHpKzEst5FzEAE&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6DBB 62 KB
21 KB 29ms
28ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 846 of 1000 / last-modified: 1622758190"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DBB 121 KB
37 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6DBB 311 KB
109 KB 28ms
28ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
DATA 200
OK truncated
/ Frame 6DBB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76a3c7b3170e12de737f05774e3974e2dad68d57f9d7ac9975cf65a557335c44

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 84C1 0
0 24ms
23ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzJ-ieZCQWXCiSb9pL-6vsRqu1A8MEWo5gxgSq0hePWk2AIg2Jd0EmlB-St5LGcE-vonMA5Fq7VND9G-F9A2xU7IlB9nJsN8Ven1TzO9CDHFseii4O2ey3q1oDy5S3IZjG1xPKUsKvCmm5xSK0EfDZcRFu-MnYoGvyMKJcxeEZtf8Ytxj6StAYo80vVc1Zo3YdExBRdslZTufG2AX_5nZ7LjG-jN6t6xq9DDtOyHF50JrvPXIUICUMZhu1u7h90Mzo7w110r2lEiZr00I_AJDuA3RtRMUaEHXAi73_V87IKAhZAosBugegMQHWp_Tyygc&sai=AMfl-YQ0pl5btv_AwpfUAoldUdZEbvwcy9AfQvOKJU0gzQaQTjH8CQ3_XUpJTIJQg4KDObXPB28l2gCTvGKjpU6ldQJweFdilWzFZKG5svM731SPZ1dKAxG2vIJLylaCBkI&sig=Cg0ArKJSzG9MPOu8OABOEAE&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 84C1 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 06:09:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84C1 121 KB
37 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 84C1 0
0 41ms
39ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQha9uBjnFaAyD4xRupYik99tB6odQxAToTXl7WR_3F_RwCoekjtd2rluY7LhMRuzI7S3fX
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 3457675740344115268
tpc.googlesyndication.com/simgad/ Frame 84C1 41 KB
41 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3457675740344115268

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db231183198cda64eba1c88974c1d7de8b06a44c5a44a119394c402309b1543d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 23:21:57 GMT
x-content-type-options: nosniff
age: 283914
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42192
x-xss-protection: 0
last-modified: Fri, 03 Jan 2020 07:59:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 May 2022 23:21:57 GMT

GET
H2 200 icon-eclick.svg
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/images/graphics/ 2 KB
2 KB 216ms
216ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/images/graphics/icon-eclick.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-757"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1879
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/libs/ 20 KB
7 KB 218ms
218ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/libs/jquery.magnific-popup.min.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
etag: W/"6093454f-4ef8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 Download_Huawei.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 7 KB
7 KB 219ms
218ms Image
image/png 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_Huawei.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-1c11"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7185
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 Download_AppStore.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 4 KB
5 KB 219ms
218ms Image
image/png 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_AppStore.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-11d9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4569
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 Download_PlayStore.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 7 KB
7 KB 219ms
218ms Image
image/png 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_PlayStore.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-1b18"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 6936
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 qr_app.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 65 KB
66 KB 219ms
219ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/qr_app.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-104d3"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 66771
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 qr_app_en.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 68 KB
69 KB 221ms
221ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/qr_app_en.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-1110a"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 69898
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 icon-eclick.svg
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/images/graphics/ 2 KB
2 KB 220ms
220ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/images/graphics/icon-eclick.svg
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/general-file.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Referer: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/general-file.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-757"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1879
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6DBB 107 B
122 B 55ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6DBB 107 B
122 B 56ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6DBB 8 KB
4 KB 58ms
58ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4376781648200082&correlator=3897117163565454&output=ldjh&impl=fif&eid=31061184%2C44744007&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=2627062%2CUreka_Supply_ov.vnexpress.net_SliderPC_1x1_230221&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D08ff522daf32ca61-222ed1f955c8009f%3AT%3D1622787231%3AS%3DALNI_Mbqvf27ulCfh9_WXFTjbwjqlueTcA&cdm=vnexpress.net&bc=31&abxe=1&lmt=1622787231&dt=1622787231477&dlt=1622787231262&idt=198&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=800&adys=4301&adks=2652662923&ucis=rdcadbmofccp&ifi=1&ifk=1452496933&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x-1&ga_vid=1114537071.1622787229&ga_sid=1622787231&ga_hid=586172100&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

894d82b7757970f47cb0df1d21a470aba50a19709853ef7d05da5193f664f819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4102
x-xss-protection: 0
google-lineitem-id: 5655933059
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344979505
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9a764399024fdc78cc2fffc302774acb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DBB 0
0 79ms
26ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9a764399024fdc78cc2fffc302774acb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
BLOB 200
OK 82f5de53-7528-451d-8836-c3214955d085
https://vnexpress.net/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vnexpress.net/82f5de53-7528-451d-8836-c3214955d085
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 84C1 0
0 50ms
23ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvV6h7LZiZo3V0VjqWn45nSneHbuPfzxpL0Ad4unX99JAM2X_TEZPsPTL_dQI5l1WFgG1p3Kwm6GHWuFJ7TtaCxW4Oq3TnXuzZQ7B_y7_BE8Nki71s21uae6YkKwDoc7PADM4Vs-3Zi3AGsC1klp2nXDf9H819ZmcXXQjr44KOYCDpxu-nODUTkwjT2rj_nGTtbUG88PkPAKvNfSH1my-dFTluT4iuWK14uWN-YhMdq3Sy49jZyJE3lRMaoa-n7JvVD7K-DnZPsJbX3wYvENwMUDBpm3EeG3rJ2-XUyvH2_Hz2o6YAVACiQkXebzo1JsQsw5g&sai=AMfl-YSIPs5qBhPLxmtceFvk0nQ6qZwSQcyU9LvTK6k2PaS2Zcv6LYsLavB6CJ4IZnWC7SYnPIQZGQwNrHgETdUusccmXOmiDeP1-4yhaKqpr-1fJkYycTm7xfwnILR-KC8&sig=Cg0ArKJSzH4b9kQnoLVSEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
DATA 200
OK truncated
/ Frame 84C1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c30bff21de7d22fe0c7ad5dd7b4e9ad10516ca004628815b5bcb79853ffa8262

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 covid19_2021_hanoi Show response
vnexpress.net/microservice/sheet/type/ 2 KB
698 B 232ms
231ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/sheet/type/covid19_2021_hanoi

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/widget/covid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

677whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

25655740127e9b01b0e3702f6761f86273f17fa2580a3ce7c737402602b27d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/sheet/type/covid19_2021_hanoi
pragma: no-cache
cookie: device_env=4; sw_version=1; _efr=1622787180000; _gid=GA1.2.1114537071.1622787229; _dc_gtm_UA-50285069-28=1; fosp_aid=cji599zdy7vhcdc8.1622787229.des; orig_aid=cji599zdy7vhcdc8.1622787229.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22cji599zdy7vhcdc8.1622787229.des%22%5D%7D; _pk_id=dcfb7c3c6ea3063e.1622787229.1.1622787229.1622787229.; _pk_ses=*; _ga_DQJ7NF9DN2=GS1.1.1622787229.1.0.1622787229.60; _ga_57577CKS2C=GS1.1.1622787229.1.0.1622787229.60; _ga=GA1.2.946823756.1622787229; _dc_gtm_UA-169340704-1=1; _ym_uid=1622787230796261105; _ym_d=1622787230; _ym_isad=2; _ym_visorc=b; adAsiaUserIp=89.249.64.171; display_cpd=1; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3; f_opt=a%257B%2522id%2522%253bA%2522cji599zdyc7vhcdc8.16227d87229.des%2522%25e2C%2522utime%25221%253A16227872302%257D; fpt_uuid=%22c0b97a89-f683-479d-afab-36e784ab08e8%22; ajs_group_id=null; login_system=1; __gads=ID=08ff522daf32ca61-222ed1f955c8009f:T=1622787231:S=ALNI_Mbqvf27ulCfh9_WXFTjbwjqlueTcA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 677whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7279 0
0 24ms
23ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso4HhnQe1wmU4iWfiqsG5D67STP2eXLQd5OI7IF9ZGFNWeisn73nDCc9GpBKhDfKq9MxsX-jX6qsfH_hJ3TqDilIyGsu-rCIujX2S7rEHb5A_ThrHLiUsd-QcD4mMwVuujxKm2XAJy5YFuWA_9WsIWDlCq6l31plGzeXrLZquaM8tYHADpgu1AoU5Xum2VzM-GfWawwpHEGRk2P1lTN8cXHsLUC9hY2QOe80ZNctNKqcpZyZ9BWCnJV8AI_zGk7WoKCkxQd3jzGbXllnEFzODJIlTbKCDXl_UgPHFdWcM623jWy0qaG8gP8UUQBGxZ2w1-Ia0RleUHMSRBn23m_QOBVXqW&sig=Cg0ArKJSzJe1R61vaA6OEAE&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ani-uk-slider-vnexpress.js Show response
solution.urekamedia.com/vnexpress.net/ 6 KB
3 KB 49ms
21ms Script
application/javascript 2606:4700:3030::ac43:a1fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd4123ab2a2a83c90fd333cd848570b353105c9764cfdecb729db92849fe21b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2368
cf-polished: origSize=9355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7741276d00004a55653ce000000001
last-modified: Mon, 12 Apr 2021 08:28:01 GMT
server: cloudflare
etag: W/"248b-5bfc24aad8640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0HI2wQHhsGc0lhWGo5kg%2ByXesGZS8HZZW%2BAxpTQ9daKXBEaVvP8TlPAxsMy4mlBSeC2I7HPOtlrO3EvydeVws8Sz69nR%2FFCADhY2xufbe2XARSMvRqdogSlRBWc31oXDpljpaPC%2FnFEnmKxhqgJ3KNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 659f048578c54a55-FRA
cf-bgj: minify

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7279 121 KB
37 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DBB 73 KB
27 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 container.html Show response
fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ACD4 6 KB
3 KB 32ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 04 Jun 2021 06:13:51 GMT
expires: Sat, 04 Jun 2022 06:13:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105242203000/ Frame D76A 191 KB
54 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193159
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55246
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9907e100ee706e0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame D76A 12 KB
5 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193161
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4568
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b435c2fa80137a0e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame D76A 87 KB
27 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193161
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27371
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6687a81702b10306"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame D76A 4 KB
2 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193161
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1521
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5a9e085610d63d0a"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame D76A 41 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 193161
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13132
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1bd5431ac5ac76b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:30 GMT

GET
DATA 200
OK truncated
/ Frame D76A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed1393afc9faa8f11f9e44d2e7316ab3d3be0a1241bca9addec882889f09a1f1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 14438698368372146472
tpc.googlesyndication.com/simgad/ Frame D76A 60 KB
60 KB 30ms
27ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14438698368372146472?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql2MahrJjUXrQIajWyH0BNzt9HIOQ

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

520be604b0799a1d9774251af08ebf9ca298190249c7a18b2e143ac91c42a042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:52:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 11:06:33 GMT
server: sffe
age: 192064
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61636
x-xss-protection: 0
expires: Thu, 02 Jun 2022 00:52:47 GMT

GET
H3-29 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D76A 3 KB
3 KB 30ms
26ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Jun 2021 22:34:37 GMT
x-content-type-options: nosniff
server: cafe
age: 27554
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
expires: Fri, 04 Jun 2021 22:34:37 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D76A 344 B
368 B 29ms
26ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Jun 2021 06:55:38 GMT
x-content-type-options: nosniff
server: cafe
age: 83893
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:55:38 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D76A 0
0 25ms
20ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9wUVLndWOXHZB4VrNkejvjyawzxl-k1d7RLs29vRiNDPELSR9D6rc1gEAuv7m4CpTm_Tm
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D76A 0
0 28ms
23ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch0ACn8S5YKSVDqW07_UPu_-00A2QxJP9Yr3wxe3cDZS_tauuARABIMfHnyNglfrwgYwHoAHawpmHA8gBAuACAKgDAcgDCKoEyAFP0IYGVE_gEYjEky5SexNAsih7GBqJ3mCLHUCgqUZZ8fg8ytCwuXYA9n18hr3mPbeIXz5A5c8D2dafL3-UMlk0PFCN_w36ohNdJNhCHAywL6PP8hFuYIJIUv6JZqdlI1DvAKgUXJdSTfBLNGlfBOX77hYQkactc1MTPD24MDMzCLEhcdsheJJja_zxzcM49zrWK66h3W9ZcOhk2CROIxnTwDYG8HCttQcfr-ZDhbh90WJ2L5js8mkBBA75o6fSZeWFDFbNTLOxscAEz_Tf1KcD4AQBkgUECAQYAZIFBAgFGASgBgKAB4695nioB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ8C7SCAkIiOGAcBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMTQ4MTAxOTc1NDE4NDk1NQ&sigh=tla8AJoYi7k
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 951 B
1 KB 867ms
429ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4288396-1;4288940-1;4288797-1;4288772-1;4288765-1;4288952-1;4288832-5;4288839-1;4288829-1;4288899-1;4287712-1;4288867-1;4288943-1;4288967-1;4288868-1;4288930-1;4288833-1;4288560-1;4288823-1;4288761-1&
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10277inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 67acfaf924135b067c753e52a504a3a70654c600c315bc6bd28b7354fa692c4d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=30
last-modified: Fri, 04 Jun 2021 06:13:52 GMT
server: 10277inhcdd10bf7c7468e873e79ba2ad134
etag: "7Z/43KLS+ay83ZncHFbFlQ=="
content-length: 951
content-type: text/javascript; charset=utf-8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 86ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 06:13:51 GMT

GET
H2 200 QUYN73332-1622718386-4918-1622737722.jpg
vcdn1-kinhdoanh.vnecdn.net/2021/06/03/ 30 KB
30 KB 325ms
9ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2021/06/03/QUYN73332-1622718386-4918-1622737722.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=Lg1sh-ykf2oukJlzvvGDhw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 063f9379e091c03bcf095b3dfab7429737dd1e46eb98ed9c597bb4cd7df731d0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:52 GMT
last-modified: Thu, 03 Jun 2021 16:29:05 GMT
server: keycdn-engine
link: <http://i1-kinhdoanh.vnecdn.net/2021/06/03/QUYN73332-1622718386-4918-1622737722.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=Lg1sh-ykf2oukJlzvvGDhw>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 30528
expires: Sat, 04 Jun 2022 12:02:52 GMT

GET
H2 200 vn-jpeg-1622778478-1622778487-6789-1622778543.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 63 KB
63 KB 7ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/vn-jpeg-1622778478-1622778487-6789-1622778543.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=XDCZW6I4NBkwJ1_7fG172A
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b2105aae1749b665f90ba0927c1a515eb774e50b7cd707f31b2f01851dbb17a4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Fri, 04 Jun 2021 03:49:24 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/vn-jpeg-1622778478-1622778487-6789-1622778543.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=XDCZW6I4NBkwJ1_7fG172A>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 64215
expires: Sat, 04 Jun 2022 12:02:51 GMT

GET
H2 200 hongdao2-1622611383-5919-1622612294.jpg
vcdn1-giaitri.vnecdn.net/2021/06/02/ 44 KB
45 KB 311ms
6ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-giaitri.vnecdn.net/2021/06/02/hongdao2-1622611383-5919-1622612294.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=NEn5YUd_2UR13q5OrPW6lg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 60bf0c88c6571057e5b800e3ce88a44a0f57cdc05dc56d214afad636db7a1d4f

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:52 GMT
last-modified: Wed, 02 Jun 2021 05:38:21 GMT
server: keycdn-engine
link: <http://i1-giaitri.vnecdn.net/2021/06/02/hongdao2-1622611383-5919-1622612294.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=NEn5YUd_2UR13q5OrPW6lg>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 45270
expires: Sat, 04 Jun 2022 12:02:52 GMT

GET
DATA 200
OK truncated
/ Frame 7279 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3acb670729090c5673d274d03b979875e167e55c4854c248fa5dd30217cb9a2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7279 0
0 22ms
22ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjxMzGVEKi77YJ_kij7XnqAu66Fg1ghZ5wr9Ky9rCX8N0pwJFOCWpgqjBlkVv2RJWC8I235l_5cU289t7LGlUTMJGTCynwoYLP77zV6gpblTZrfzFfNMdDZnbcfthQhdgyfHlm1_hfbTaaIFAwJzK3G8Bo3RHu9J9PXOivKmQJDw94AbwWTm5al0r4FuvgV544G_R-9S55HkYdW6pkwX47zPa_w9oqkbcrykQD6WTAT1cjYZgYZZlbSy484CORB8nHXXWVbp13EPfijc0-0QryyWDawPUsmDwd6ZKchwqpvsCM5MalEwiXgXNv45DVK-phAmtCqUwWsc1NBrM4vqdNbxsnyeM&sig=Cg0ArKJSzIkOyTHWLIAVEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 25 KB
9 KB 26ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: solution.urekamedia.com
URL: https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6ba54b0d518a916eb45f571557bc19a2ec243a2f33fa44ea9976b9ee2304266b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Ux7wIL64mRyN0cK7p9H_w6TJ9lWBynkpvDwPMMboEJZ_E_0okH3XNFOk_4YB0sXwAUEQjUH3wkQsKtaek__joWrT0FQiA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9068
last-modified: Sun, 30 May 2021 09:56:36 GMT
server: UploadServer
etag: "b1f97cca37ab44f0c91e4b974cb0eb16"
vary: Accept-Encoding
x-goog-hash: crc32c=S4NPWg==, md5=sfl8yjerRPDJHkuXTLDrFg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368596875915
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9068
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 06:18:51 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 303ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5e63d10e28a0614d2b01395e&cid=5ea26963e792ea55c7264da7&e=playerLoaded&cb=1622787231770
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 Tracking.svg
s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/ 870 B
1 KB 216ms
215ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/Tracking.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: f09769d783a6f6cd0be02b874c4b7fedfbafbc50b7bfc3438725c459cb127961

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 11 Feb 2021 01:51:47 GMT
etag: "60248db3-366"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 870
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 News.svg
s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/ 2 KB
2 KB 216ms
216ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/News.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 68d2cc4486c92a0541f96c95d990873464c25dfc943cc9eb573b60b32044f673

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:51 GMT
last-modified: Thu, 11 Feb 2021 01:51:47 GMT
etag: "60248db3-665"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1637
expires: Sun, 05 Jun 2022 06:13:51 GMT

GET
H2 200 covid19_2021_by_day Show response
vnexpress.net/microservice/sheet/type/ 9 KB
1 KB 232ms
231ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/sheet/type/covid19_2021_by_day

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/widget/covid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

677whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

48c377ef6dbd2121079d1e52a65247920e23af449e1eeb5e31fd47c89284281e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/sheet/type/covid19_2021_by_day
pragma: no-cache
cookie: device_env=4; sw_version=1; _efr=1622787180000; _gid=GA1.2.1114537071.1622787229; _dc_gtm_UA-50285069-28=1; fosp_aid=cji599zdy7vhcdc8.1622787229.des; orig_aid=cji599zdy7vhcdc8.1622787229.des; _pk_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22cji599zdy7vhcdc8.1622787229.des%22%5D%7D; _pk_id=dcfb7c3c6ea3063e.1622787229.1.1622787229.1622787229.; _pk_ses=*; _ga_DQJ7NF9DN2=GS1.1.1622787229.1.0.1622787229.60; _ga_57577CKS2C=GS1.1.1622787229.1.0.1622787229.60; _ga=GA1.2.946823756.1622787229; _dc_gtm_UA-169340704-1=1; _ym_uid=1622787230796261105; _ym_d=1622787230; _ym_isad=2; _ym_visorc=b; adAsiaUserIp=89.249.64.171; display_cpd=1; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3; f_opt=a%257B%2522id%2522%253bA%2522cji599zdyc7vhcdc8.16227d87229.des%2522%25e2C%2522utime%25221%253A16227872302%257D; fpt_uuid=%22c0b97a89-f683-479d-afab-36e784ab08e8%22; ajs_group_id=null; login_system=1; __gads=ID=cf7ec6c02d20ebcd-223cc6d655c8003f:T=1622787231:S=ALNI_MaRDlKL0jn1bR4yRfXXCcU0VPLDIw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 677whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DBB 0
0 23ms
23ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIZj4gHCz07AXyCT1lJ1WrTLb0q4hxi0FmjBdAcz_okyZsrCrI6LxhG_BdKNi6-gpr3AUrT6TwmnNOkJNP4gvJTqGBpwKA8IFqEgWsP7Xp93LEVpiVtj7nYzcml3u62axI17-Z9661dg0kMz83yhgJfIP6JmM76xGw4jPiZPuGaihcIaLJZZXLrx5806DpQEVznzC3FMtqGcTfz0OQ-NrhdD4WkcqPDO0oF59ceKG0Nuqkc-lFDvOnC-lKn08cyvoWZH3K2PW_1r8yELlZetPcWJ9Ucx9SdJiWzqSCF8AZVIWOTxfgN5T569CflGRvBztRAZYHgtsO_HM1W8tSjQ8&sai=AMfl-YTcpADGWOvG8JcYwOD-JAz-ErYu4O2hNBhCebA8wndyKSA4lti0gxP-6exHy3Qvr9Cp0tm-Tr7maDi_z-j49Phylk7qdTWTz5Ch_ORIb2g_gnmLgcvjM7z0LsGh4Cin&sig=Cg0ArKJSzLyHaki8QSZxEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6DBB 11 KB
8 KB 56ms
55ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535c661e9e7b6517b3c3d838e651ba0898f5ce2b412f30ed16c8a00dcf84e4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8299
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D76A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

20ms
20ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 04 Jun 2021 06:13:51 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame ACD4 2 KB
627 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 05:04:44 GMT
server: ESF
date: Fri, 04 Jun 2021 06:13:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame ACD4 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 06:12:41 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame ACD4 0
0 24ms
24ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZSzJn8S5YKOVDqW07_UPu_-00A3w1oCFY5Wl9bi1DYv78_7EIhABIMfHnyNglfrwgYwHoAGT3cigAsgBCeACAKgDAcgDmwSqBMkBT9BhioW0kXBEBB8ufov3emWtSdrqdbs9WwYbE62RGWyn3iRBA3f7HtgJH-o_UX4SZeUUqOoxsImqdMjS9osSO93I2al2VNuluMz4FQncqLVzZZgb33OMwnA_L3mhLBB3wMO4od2YUaRIqYe3JQBx8a6M91tFtUShgBbl3HwDukTTvEKWIanHtycIk33GZ3XIq5KOZ0H0gSXcGLILupYFeRMaquEV4cEmg-60dra-reW1iMVMm0IGVuQD0DgTgAMKZXmsFdDb838twASgsfj2zwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-_m13wGoB4qcsQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOikAtIICQiI4YBwEAEYHYAKA8gLAdgTDtAVAYAXAbIXGgoYCAASFHB1Yi0xNDgxMDE5NzU0MTg0OTU1&sigh=Etyyek-f4dI&template_id=494
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame ACD4 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 06:09:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame ACD4 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 06:09:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACD4 121 KB
37 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame ACD4 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 06:13:05 GMT

GET
H2 200 3b821d177d35ff0343c5a517c12ac1c9.js Show response
www.gstatic.com/mysidia/ Frame ACD4 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 16:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 00:10:36 GMT
server: sffe
age: 136102
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10549
x-xss-protection: 0
expires: Tue, 31 Aug 2021 16:25:29 GMT

GET
H3-29 200 14438698368372146472
tpc.googlesyndication.com/simgad/ Frame D76A 60 KB
60 KB 8ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14438698368372146472?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql2MahrJjUXrQIajWyH0BNzt9HIOQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

520be604b0799a1d9774251af08ebf9ca298190249c7a18b2e143ac91c42a042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:52:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 11:06:33 GMT
server: sffe
age: 192064
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61636
x-xss-protection: 0
expires: Thu, 02 Jun 2022 00:52:47 GMT

GET
H3-29 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D76A 3 KB
3 KB 9ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Jun 2021 22:34:37 GMT
x-content-type-options: nosniff
server: cafe
age: 27554
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
expires: Fri, 04 Jun 2021 22:34:37 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D76A 344 B
368 B 9ms
9ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Jun 2021 06:55:38 GMT
x-content-type-options: nosniff
server: cafe
age: 83893
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:55:38 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame ACD4 21 KB
21 KB 50ms
7ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTcxees7DkuaOVrLcUZUTgz4XmN6N10v-Ik5S5jtxD1ONYOw3fCeGf1yncLpA&usqp=CAI

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

409ed122e752c723ec625157d86183a8cc7727a794252aba803c11389be47009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 03:32:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Nov 2020 01:27:13 GMT
server: sffe
age: 182496
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21436
x-xss-protection: 0
expires: Thu, 02 Jun 2022 03:32:15 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame ACD4 46 KB
46 KB 56ms
13ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSMzpyR83t3zwjWJDwnivyqne3-bVGS8gcpYUMG454pG8w9UyEL5IiF4-wJ-3w&usqp=CAI

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab6f4de5516e5e5005d52c5c6f72cb63cc8fb4fe7cf864b1c9ffa979fbdc22cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 22:16:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 08 Nov 2020 02:09:16 GMT
server: sffe
age: 287840
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46858
x-xss-protection: 0
expires: Tue, 31 May 2022 22:16:31 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame ACD4 31 KB
31 KB 16ms
6ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTNON0xXconz64U068Q4IvPf2ZWZOnszjTwYnmcN0O-FQaHFZMoV9cgsongdU0&usqp=CAI

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86bc59e6e20be0b367afa3772aeecb5d29689c791492b5c7fcfda042eee894a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 06:25:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Nov 2020 01:23:31 GMT
server: sffe
age: 258519
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31335
x-xss-protection: 0
expires: Wed, 01 Jun 2022 06:25:12 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame ACD4 43 KB
43 KB 18ms
8ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT0LYIXotikxprUTNexCIzcKmuXXzzHcjTTI44IK6n80zY4hOGUNRz8-4eh1uc&usqp=CAI

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de4d77c31d4475cfa56f851e82f3854ab73cc359dfc15d5aca21b21d2334ab28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 03:41:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 13:02:24 GMT
server: sffe
age: 181918
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44374
x-xss-protection: 0
expires: Thu, 02 Jun 2022 03:41:53 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame ACD4 35 KB
35 KB 15ms
6ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRBFLQiHk1OAcwq_eZKoVJnywemtVL4zJV1gq7IwKBbF5YGBWj7YR0EhPJumQ&usqp=CAI

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccfddad2c1e5a4b2ece79fcef34c00cd5a1c024e252eef7fcf454e7c7027b9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 03:25:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 06:19:35 GMT
server: sffe
age: 182887
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35421
x-xss-protection: 0
expires: Thu, 02 Jun 2022 03:25:44 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame ACD4 38 KB
38 KB 48ms
6ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR8ELQMh54SaKe0AhfrXvlV3zmL2fvKV-tDb4C_4vjDwYr5ZYyGkBgKH4zL4KM&usqp=CAI

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8b76096f9968180856a274ebdca6c80e739c4cd8348117934a9135373bd5f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 06:30:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 01:38:15 GMT
server: sffe
age: 258179
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38435
x-xss-protection: 0
expires: Wed, 01 Jun 2022 06:30:52 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame ACD4 9 KB
9 KB 46ms
6ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRlso0fDM7b9AfW7ircwatAAQkB3OzrCWsJJS21vObJaBViUj8&usqp=CAI

Requested by

Host: fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
URL: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fdb0ffdaf37b5ce8c6faa41ae72a586095c09c44a87094c128859ff9234bd9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 13:13:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Jun 2020 08:04:41 GMT
server: sffe
age: 234048
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8785
x-xss-protection: 0
expires: Wed, 01 Jun 2022 13:13:03 GMT

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 710 B
1 KB 393ms
222ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4288816-1;4288724-1;4287290-1;4288612-1;4288576-1;4287009-1;4288243-1;4288834-1;4288221-1;4288253-1;4288905-1;4288942-1;4288683-1;4288926-1;4288645-1&
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10277inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 17faf53fa26619c4dcf15708517a439fcda2f78ddafe2189a1a13191d69f0795

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=30
last-modified: Fri, 04 Jun 2021 06:13:51 GMT
server: 10277inhcdd10bf7c7468e873e79ba2ad134
etag: "wtFs/0F8l7LJSQ9jdcRX7A=="
content-length: 710
content-type: text/javascript; charset=utf-8

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 5FAD 338 KB
96 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 81309cd747361ca3e364f13173e7f29b533febe65d486ec2fb630e9e2377c073

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uw2flfV9f9HbNB50711uyEU_YZXDyQY4LTeeElNnhXkaRegBxRI8D28MbGB1fT-Zwdi9aODFhtEcshMPhzJK7duw84XVA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 97849
last-modified: Sun, 30 May 2021 09:55:50 GMT
server: UploadServer
etag: "d682e3f833c30ce1545dcf578221f62a"
vary: Accept-Encoding
x-goog-hash: crc32c=/tJbYg==, md5=1oLj+DPDDOFUXc9XgiH2Kg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368550134728
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 97849
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 06:18:51 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 73ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 06:13:51 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6DBB 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:51 GMT

GET
DATA 200
OK truncated
/ Frame ACD4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a970ce3a3056ad1ba632654c9009231d98f431c2b4f45c63c98155dcba0539

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame ACD4 20 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 23:54:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 195539
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Wed, 01 Jun 2022 23:54:53 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
105ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e63d10e28a0614d2b01395e&cid=5ea26963e792ea55c7264da7&e=inventory&vi=100&cb=1622787232056
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 64B5 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 03 Jun 2021 23:40:57 GMT
expires: Fri, 03 Jun 2022 23:40:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23575
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 783B 783 B
532 B 30ms
30ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e21fbf331cb5409d1ac2252b62c88ba8f544fa2c6dea037e10c24179257604b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CyI0fZ7/8Szfoe5sV/x1dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

expires: Fri, 04 Jun 2021 06:13:52 GMT
date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CyI0fZ7/8Szfoe5sV/x1dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js Show response
bd.urekamedia.com/publishers/code/vnexpress.net/ 1 KB
840 B 30ms
20ms Script
application/javascript 2606:4700:3030::ac43:a1fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 45566
cf-polished: origSize=1072
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7741296a00004a55a5068000000001
last-modified: Wed, 12 Aug 2020 08:34:21 GMT
server: cloudflare
etag: W/"5f33a98d-430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y3MQt0Qe4I0CvWWPCESAmCXKl3OFu26nhTaDklgdIQZVmIeaTmu8PcmuGg4%2B6U2Bf8DIXUat1lydZRTo1myG%2B4YW0EzQBnI8J6b1viwM7pPHF4cXVxJsrcTO25PqfQ%2BJ87ST809R6waV4PI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 659f0488a8244a55-FRA
expires: Sat, 03 Jul 2021 17:34:26 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 26 KB
5 KB 379ms
117ms XHR
application/json 35.171.145.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&AV_CHANNELID=5ea26963e792ea55c7264da7&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=232055&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1622787232100
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-49.compute-1.amazonaws.com
Software: /
Resource Hash: a07d82dc523140ad08ee73c1d4b4d3d27d712c7cf2940a6c5c7d971f045cdbe5

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 23 May 2021 16:27:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=486255244444979&vrg=2021060301&nw_id=27973503&nslots=11&eid=31061371%2C21064367%2C21068110%2C31060412%2C31061142%2C676982961&pub_url=https%3A%2F%2Fvnexpress.net%2F&qid=COPg2sOp_fACFSXauwgduz8N2g&iu=%2F27973503%2FOV.Vnexpress%2FDesktop%2FMasthead%2FHome&e=512&ret=1600x250&req=320x50%7C1x1%7C728x90%7C900x225%7C970x250%7C1200x150%7C1800x180%7C1920x270&bm=0&efh=1&stk=0&ifi=4

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 647B 62 KB
21 KB 27ms
27ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bd.urekamedia.com
URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 653 of 1000 / last-modified: 1622758190"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 64B5 14 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 23:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 23:40:26 GMT

GET
H3-29 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 647B 311 KB
109 KB 29ms
29ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 647B 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 647B 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 647B 7 KB
4 KB 57ms
57ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1818167748729405&correlator=627422198562762&output=ldjh&impl=fif&eid=31060789%2C31060989%2C31061223%2C31061186&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=2627062%2Can.passback_ov.vnexpress.net_SliderPC_240420&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3Dcf7ec6c02d20ebcd-223cc6d655c8003f%3AT%3D1622787231%3AS%3DALNI_MaRDlKL0jn1bR4yRfXXCcU0VPLDIw&cdm=vnexpress.net&bc=31&abxe=1&lmt=1622787232&dt=1622787232363&dlt=1622787232138&idt=138&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=984466752&ucis=1j13fx6rtryl&ifi=1&ifk=901199412&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=1114537071.1622787229&ga_sid=1622787232&ga_hid=481197062&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9e0b36ec7149545595899bcc63deb3404cb34c030d4571745dee771d87b9a730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4030
x-xss-protection: 0
google-lineitem-id: 5416437550
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316342509
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ae13331e079e874449f5596ea7cebb9a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 647B 0
0 47ms
27ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ae13331e079e874449f5596ea7cebb9a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DBB 0
20 B 22ms
21ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=4376781648200082&bg=!0NOl05fNAAY6sG-_OrA7ACkAdvg8WqrEHlaprBNDjLOpl19jttoLp18qENLQ4ECoVn1A3JW23PYj1wIAAABZUgAAAApoAQcKAQ1wQTzxpLi_IfQLnu1XLyhYdtevsITDziwwGNk2Uh4T3s8K2Tf4O2vrDsfaD7Lr-USOGtP3h8SrZ9Og802re4EI8sYfw4AODRnXyuPfFpGw2Cal_QbiXmK8B6iVb4LLapMViejmu5ueWHjApfrVfMrNeYYXHDVaqI5e3o2w5HIyKSia6RTm6BUZ3TYWz3NgGEA47aaOs92CNlPO5wcrMegWXPNlbIiS8-olm_ttSlYPjwafP1onMbBJ7f2UmOwFcO4ZvS-zdpjjgddPcfztn4cClzOa138bYnyk7BX0SYXUXmkocHTWTNWReMFG6HMbim_dQVYADdslBQJQ4nOm5Dva_A9qR3vEzSOYr-hZi5kCdI1IjGIrhHxnoDB5mO_nn-5KlMS4Gxmm3IzbhQ7HazK3i7VccZIHy2ZJNqVtg3re50GnHCT3aZyErFicJE3tWKgxpQw5TNcLnWmw-UmQaEbu-uMSGzSKr8Vgqa4hRGheLj4LpSqn5dK1914BqFkugySVFD1OPr4-WjbQfQ3QxFEPkUOMgKVvilJk0GnVfNHmlLRD0B-GD-pL7GW7yi9DiPt46UY98o6NkSE1svP-yzmHo_AAs6YDRYuqS_rP9EBmK4fdNqLJrgjAUg1plYyU-cgmRDKW_z5QM-tPjPrWan6hCMzI2BQ_tqFsGYn41J2LkFqtxWuy6j7smA8pwOTnod0UuHECMYA5z7CPaj5BPorj-9szjOTVMAoug3K9GQwi3en1EqboEMBfPSy-YoQZyIfUh_rveSAZXdq5V9d1Y0tqf1UG1N_-5CCbWVG-fG9dfOcnOs7K7UgwoMVvGfhbD8Qvl41IQ8EEVbQo780Uo3-1qanFE2ndQypIae365LXfAfHPEEOIWxLYv7PasTWfvX3aK8GUhwr3kNMATA7Q7DCs1_dsR8sJvi88tcGfh4Q5-HMOVOBYnrfX6cy_JVpYU2zT1n_KIeODNnvM6DZO5XZGF96CRAdBEftJow9VwFj68Pu6gWoF9TG228g6ha6iYMuBL8pH3tkNE9-RSAIQ_JS2IJyo_8OdIqyqvay8nj-TV4Cf1BsxUo3wPJ-rC562R76FRgfuLSam_Tm7gnK8gq2rUuXnpxxatc8LNXPqlFvICyKPHp0V1Tl7ZCUPPXGD1Qkw7lteCvERV4u9TRyUWbAHAP1Z_VdpPggRuTe3qdlawkTijQM

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A79A 0
0 23ms
23ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrRb2WH7Fc5G1znu65bypttLDEjMfSGLKPLAryWlNbplKABKS6iUFpKc0p9OUJdrPiFD1QlvkulyunBDaQ-mO3q1i04gyGZohh0JkOmoDjLg15vWG5M4dkicO4OJ6N7cXimRxUy4geMCB7IPixR2DDDZScM6CVdwH-YaaWdH1o_f07ms8EG86en7N3xcGWO9AiibP_fiaMzmWjIpXREnwrIZUMAzs7zrTkwwe7XmfhRT1yhFg3ZMEhXZj8bDU2H19SSNWsy5qNPtWHDhG36DCHkOYHoPKyIOoO-JL8u1q3SenK27W284fS18O3UB2Im1zY8kCk_zDJInTspg&sig=Cg0ArKJSzEyjuZePygqvEAE&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 ani-uk-slider-vnexpress.net-avantis.js Show response
solution.urekamedia.com/vnexpress.net/avantis/ 5 KB
3 KB 30ms
18ms Script
application/javascript 2606:4700:3030::ac43:a1fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://solution.urekamedia.com/vnexpress.net/avantis/ani-uk-slider-vnexpress.net-avantis.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448bbb82769ac61ff51ab6584fce6baf1cd44e60927c21a35106b2fb8c48475b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2363
cf-polished: origSize=9754
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a77412ab9000063bf94a5b000000001
last-modified: Mon, 12 Apr 2021 08:30:38 GMT
server: cloudflare
etag: W/"261a-5bfc254092780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F%2BEwr4%2FRe%2Fq%2FgSXj%2FSw%2BFCyqWZCdeu1C5i8Lueqcq8Vt4WAU75bmXnuSiCvamM3Cojbkfdetz9U%2B%2FqViyrld8rnrS4oN4wsQRUiLonvugtP1e7o0YxhprqetYiG8J8HDXohIe1R%2Bh1tlwECaS7C4AKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 659f048ac8a063bf-FRA
cf-bgj: minify

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A79A 121 KB
37 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 647B 73 KB
27 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 647B 10 KB
8 KB 34ms
34ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9ea721383ab8b781cf4e134974610fd06f6d4a458cd6f61a19170d681dc3b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7684
x-xss-protection: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&e=playerLoaded&cb=1622787232463
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame A085 338 KB
96 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 81309cd747361ca3e364f13173e7f29b533febe65d486ec2fb630e9e2377c073

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uw2flfV9f9HbNB50711uyEU_YZXDyQY4LTeeElNnhXkaRegBxRI8D28MbGB1fT-Zwdi9aODFhtEcshMPhzJK7duw84XVA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 97849
last-modified: Sun, 30 May 2021 09:55:50 GMT
server: UploadServer
etag: "d682e3f833c30ce1545dcf578221f62a"
vary: Accept-Encoding
x-goog-hash: crc32c=/tJbYg==, md5=1oLj+DPDDOFUXc9XgiH2Kg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368550134728
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 97849
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 06:18:52 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A79A 0
0 23ms
23ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOrJqkhx8MXVhpFxUMBjxx7wvh27OLFBp325sUWjOFfq2phEhgeoIRBSxl11zbSJqZRVbZ_yZgIQhZ9r55ffFBP64euvybHJV4vdP67biRPMDk24xEZMAW76Y9ML4E3-WgdAalb7mUFu3kKFZ-1ubbhdFHgT8a2GKl8sYx65b1L_KQ81rbkxETd8zZ79MBUCZ9H3it1Bb-Rzu6mwo4o3CXa4trcFwWkAfvx83ddKhCN9qeB3sqrC2StK_cWNVPf4Bgf3TFgeL_P1IBGcxoSBJuSJEily_tq2mZiWpXmrpuh6BXXh6AuQ5hlERXUpBxIdLBA0ET21V0WE4UVQW9&sig=Cg0ArKJSzEhy2s9QO1LgEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 647B 17 KB
6 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 0062
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D22%26key%3D%7BPUB_USE...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D22%26key%3D%7BP...
https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=22&key=a13f939c-6e81-4d61-9056-0b6dad7ebd93

0
240 B

317ms
112ms

Document
text/plain

52.1.101.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=22&key=a13f939c-6e81-4d61-9056-0b6dad7ebd93
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.101.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-101-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=22&key=a13f939c-6e81-4d61-9056-0b6dad7ebd93
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1622787232412-992337078722-007368-009-000140
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-length: 0
set-cookie: 2_C_22=a13f939c-6e81-4d61-9056-0b6dad7ebd93; Path=/; Domain=aniview.com; Expires=Sat, 05 Jun 2021 06:13:52 GMT; Secure; SameSite=None 2_C_22=a13f939c-6e81-4d61-9056-0b6dad7ebd93; Path=/; Expires=Sat, 05 Jun 2021 06:13:52 GMT; Secure; SameSite=None

Redirect headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-type: text/plain
content-length: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=22&key=a13f939c-6e81-4d61-9056-0b6dad7ebd93
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 sync
pixel.advertising.com/ups/58246/ Frame 9C58 0
0 47ms
16ms Document
text/plain 18.197.47.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.advertising.com
:scheme: https
:path: /ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000

GET
H2 204 services
sync.technoratimedia.com/ Frame 9045 0
0 291ms
96ms Document
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1622787232412-992337078722-007368-009-000140&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: sync.technoratimedia.com
:scheme: https
:path: /services?srv=cs&pid=70&uid=1622787232412-992337078722-007368-009-000140&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D3%26key%3D%5BUSER_ID%5D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:52 GMT
set-cookie: tads_uid=GDPR; Max-Age=157680000; Expires=Wed, 03 Jun 2026 06:13:52 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin: https://vnexpress.net/
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 287966899
age: 0
via: 1.1 varnish

GET
H/1.1 200
OK Cookie set us Show response
sync.go.sonobi.com/ Frame FBB3 0
474 B 55ms
13ms Document
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D60%26key%3D%5BUID%5D

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Date: Fri, 04 Jun 2021 06:13:52 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YLnEo; path=/; domain=.go.sonobi.com

GET
H/1.1 404
Not Found Cookie set uc.html Show response
sync.go.sonobi.com/ Frame BAC0 571 B
421 B 54ms
13ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.go.sonobi.com/uc.html?pubid=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ams-1-sync.go.sonobi.com
Software: sonobi-go /
Resource Hash: 7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Date: Fri, 04 Jun 2021 06:13:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YLnEo; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 2FBB 2 KB
818 B 29ms
9ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9423 8 KB
3 KB 64ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D1%26key%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=71575
expires: Sat, 05 Jun 2021 02:06:47 GMT
date: Fri, 04 Jun 2021 06:13:52 GMT
vary: Accept-Encoding

GET
H2 204 rmpssp
sync.1rx.io/usersync2/ Frame B263 0
0 43ms
13ms Document
text/plain 213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D200%26key%3D%5BRX_UUID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

:method: GET
:authority: sync.1rx.io
:scheme: https
:path: /usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D200%26key%3D%5BRX_UUID%5D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

server: Tengine
date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache

GET
H/1.1 200
OK user_sync Show response
rtb.gamoshi.io/ Frame 02F4 42 B
321 B 368ms
114ms Document
image/gif 13.58.174.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.58.174.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-174-102.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host: rtb.gamoshi.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Date: Fri, 04 Jun 2021 06:13:52 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
x-gcontroller-pod: gcontroller-stable-6b74cf655d-48mjg
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
content-encoding: identity

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 53ms
17ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787232546
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H/1.1 200
OK 0SzYvAqqJfH4Pvhp5l0RGQ== Show response
ads.adaptv.advertising.com/a/h/ 3 KB
1 KB 62ms
15ms XHR
text/xml 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

5c3543eccad76ab8cfeddcc781e142c4d479485be7e6def4b641f55a74c35a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1070
expires: 0

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 5FAD 265 KB
84 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f5e7fd2bfca920e7b07f4d5e62d28dc83d793c49bfff13bc0bbf17ce2873018

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UyFy-H7HpEmGAXmZv9Zt3n-D4BS6zweHh3ZRgZkP1nggZ7RPkqZmO7WA5jZfYH80kwAcvHpXMpLEEuGhjbq5JE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 85371
last-modified: Sun, 30 May 2021 09:54:49 GMT
server: UploadServer
etag: "5df9d6652e64786c5b87e1afaea66915"
vary: Accept-Encoding
x-goog-hash: crc32c=xIkkeg==, md5=XfnWZS5keGxbh+GvrqZpFQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368489825952
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 85371
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 06:18:52 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787232551&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=request&cb=1622787232551&asid=60802fa7bda96b4f7761daec%2C60938ff57621683c2c6776a3%2C5f4f9c3d23b3f315675708b0%2C5e5e346c28a0613c6a54f5b4&ofpr=%2C%2C0.5%2C&fpo=%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&e=inventory&vi=100&cb=1622787232577
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8E59 12 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 03 Jun 2021 23:40:57 GMT
expires: Fri, 03 Jun 2022 23:40:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23575
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D526 783 B
532 B 37ms
35ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

099c706399240a4769a6a0736871c17af6e5276ff25608fec6136bc87e6d804b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w5GLtG5KSnZiZ7+tj4x/Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

expires: Fri, 04 Jun 2021 06:13:52 GMT
date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-w5GLtG5KSnZiZ7+tj4x/Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 18 KB
3 KB 108ms
107ms XHR
application/json 35.171.145.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&AV_CHANNELID=5d81ed7928a06164620898f0&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=232577&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1622787232600
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-49.compute-1.amazonaws.com
Software: /
Resource Hash: 974713c15b3acf41b7528dadac6a4d140688a8e8c20acd63cc7a9b4b63f0cc88

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 23 May 2021 16:27:12 GMT

GET
H/1.1 200
OK Ureka-png--white.png
dmp.urekamedia.com/ 23 KB
24 KB 1455ms
574ms Image
image/png 125.212.217.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.urekamedia.com/Ureka-png--white.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.217.46 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.10.2 /
Resource Hash: 52c93e3062d05ac961d93f0dcb33e826673778109ee29bb1c3ec82e3ccddcde3

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:53 GMT
Last-Modified: Tue, 08 Sep 2020 14:23:45 GMT
Server: nginx/1.10.2
ETag: "5f5793f1-5de9"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24041
Expires: Sun, 04 Jul 2021 06:13:53 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 57ms
26ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f115fba23f6e891e20ffb8649dfd79ae3bb2f132e1762f080eb80d39362cb722

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
387 B 52ms
22ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 65d8bcd474d5a24c89d8b63b3f71a19134df7bc8d073bdad664968d7da154ef2

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 18ms
18ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.253:80
AN-X-Request-Uuid: dd8a936e-3ea8-45a4-8d23-a8a1bd3493d9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
834 B 33ms
14ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

37b7324800833a23e9a2555603ab5da524f2e70788aa4c79fdbd34d7fd7e7797

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.233:80
AN-X-Request-Uuid: 88cc5ea6-c2f9-43e9-9843-cfed9b30a0ab
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
713 B 73ms
44ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid: 908b56bc-9975-4c50-8c86-97ac3599a9b3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A8FA 38 KB
14 KB 37ms
36ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D1%26key%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D1%26key%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=121452
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 06:13:52 GMT
vary: Accept-Encoding

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E59 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 23:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 23:40:26 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame F229
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622787232412-992337078722-007368-009-000140%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1622787232412-992337078722-007368-009-000140%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=55&key=5745970665548912630

0
215 B

136ms
112ms

Document
text/plain

52.1.101.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=55&key=5745970665548912630
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.101.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-101-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=55&key=5745970665548912630
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1622787232412-992337078722-007368-009-000140
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-length: 0
set-cookie: 2_C_55=5745970665548912630; Path=/; Domain=aniview.com; Expires=Sat, 05 Jun 2021 06:13:52 GMT; Secure; SameSite=None 2_C_55=5745970665548912630; Path=/; Expires=Sat, 05 Jun 2021 06:13:52 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Fri, 04 Jun 2021 06:13:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1622787232412-992337078722-007368-009-000140&biddername=55&key=5745970665548912630
AN-X-Request-Uuid: 2a6cb9e3-857f-4170-9ca5-94f4b0ac805f
Set-Cookie: uuid2=5745970665548912630; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Sep-2021 06:13:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.135:80

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
779 B 17ms
17ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787232723

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.155:80
AN-X-Request-Uuid: cf0e27fc-c486-43c1-a31e-df0303ba511c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
778 B 17ms
17ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787232724

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:52 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.53:80
AN-X-Request-Uuid: 19207603-9a1f-44cd-837c-cb077be68e16
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame A085 265 KB
84 KB 30ms
29ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f5e7fd2bfca920e7b07f4d5e62d28dc83d793c49bfff13bc0bbf17ce2873018

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UyFy-H7HpEmGAXmZv9Zt3n-D4BS6zweHh3ZRgZkP1nggZ7RPkqZmO7WA5jZfYH80kwAcvHpXMpLEEuGhjbq5JE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 85371
last-modified: Sun, 30 May 2021 09:54:49 GMT
server: UploadServer
etag: "5df9d6652e64786c5b87e1afaea66915"
vary: Accept-Encoding
x-goog-hash: crc32c=xIkkeg==, md5=XfnWZS5keGxbh+GvrqZpFQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368489825952
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 85371
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 06:18:52 GMT

GET
H2 200 avpb3a1.js Show response
player.aniview.com/script/6.1/ Frame A085 52 KB
17 KB 65ms
64ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 489a4bc87a34468a78ae982263ae283b8c38ba1c69701936652e89332cab50f0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwcKNy_T5kTEU2YUqAcupedBc1UBQMLSQtX9Kfa6KwacJRnrVTjb7LqAa9WM_VuEtOaU8CVzpuI0xqPNaFzyUTXBgJ-gg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 16863
last-modified: Sun, 30 May 2021 09:55:24 GMT
server: UploadServer
etag: "7b61d3f639c4e4919659c1f44b40175f"
vary: Accept-Encoding
x-goog-hash: crc32c=1q7YmA==, md5=e2HT9jnE5JGWWcH0S0AXXw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368524433287
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 16863
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 06:18:52 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787232726&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=bid&cb=1622787232730&asid=60802fa7bda96b4f7761daec%2C60938ff57621683c2c6776a3%2C5e5e346c28a0613c6a54f5b4&ofpr=%2C%2C&fpo=%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 4AEB 15 KB
7 KB 113ms
31ms Script
application/javascript 52.48.131.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=6522e6bb-3076-4a0a-8587-7299ce90a5a8&pblob=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.131.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 84308a10d38b977773b67c9ea1f6a052e7da47e408e434de8c8550b68da095d5

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6631

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A8FA 0
42 B 57ms
17ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47505676&p=157742&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:51 GMT
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9AFF 338 KB
116 KB 64ms
32ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A8B9 338 KB
116 KB 59ms
26ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 23ms
22ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 39ms
39ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 42167ae5105bd2d78308edd99849d57fdc4e0efc213f67b6eeab341ccfbf139a

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 42ms
20ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
447 B 159ms
101ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTU2MmNjMmRlLTg0YmItNDI3OS1hZGM0LTFhNmY3OGI5Mjc1OA%3D%3D&pt=net&stid=1f1738a7-01fd-4a19-b9a4-0ec235a0c0be&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 74ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:52 GMT
X-SpotX-Timing-Transform: 0.000302
X-SpotX-Timing-SpotMarket: 0.004662
X-SpotX-Timing-Page-Mux: 0.001094
X-SpotX-Timing-Page-Require: 0.000354
X-fe: 130
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.010113
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000503
Last-Modified: Fri, 04 Jun 2021 06:13:52 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004662
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003179
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 32ms
31ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 63d4bc54208405a5bf534678441e91b03c03e4b473334e458ef1ecf01134edae

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 73ms
26ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:52 GMT
X-SpotX-Timing-Transform: 0.000307
X-SpotX-Timing-SpotMarket: 0.004824
X-SpotX-Timing-Page-Mux: 0.000909
X-SpotX-Timing-Page-Require: 0.000341
X-fe: 032
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.010280
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000303
Last-Modified: Fri, 04 Jun 2021 06:13:52 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004824
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003577
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000016
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame 4AEB 317 KB
102 KB 27ms
6ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=6522e6bb-3076-4a0a-8587-7299ce90a5a8&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 01 Jun 2021 13:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232445
x-amz-server-side-encryption: AES256
x-amz-storage-class: STANDARD_IA
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: vWMi7o3L7vlDpkukVR6HvHj0IdrRaXBUJ5u0d2C4eLMMwo1OrTO7hayWVD5kRHrLJkPZ10+oYJ0=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: 8M3NZ8DCYVADP0WS
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 4AEB 43 B
246 B 54ms
15ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59ae8acf7cdce04271395139&s=true&pv=10.2.63&ifr=true&cb=0.3802062020103112&pt=o2unit&sid=62e3fd0d-1ecd-44bf-9fe7-851005673687&r=https%3A%2F%2Fvnexpress.net%2F
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 647B 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=1818167748729405&bg=!HxylHFjNAAY6sG-_OrA7ACkAdvg8WmFs1EayvEsKqFuRTUhKz2HSMvK2nsub2O2Nou_hIh2XiC3kXAIAAACaUgAAAAxoAQcKAN-1JqgWvCgFrtYiOBhvFl9In7Xl67WqryvXl5y2sTG7uAAtONoDfxrK7YHH0S4WLKnCVCDW-HOOf-oBCuIgJvsHyzSvqc3oCxnMVj9y-HD0dEJD1oMnT33t7SRFzxVf1Afx3q2OPIg5gTNpsumyWLbvT4fypIaLm0B4KuOonfqTSBnzgYbKrjkotwdWQ3AM2AANbLWqHYLiByolG0M1hMisRbnAFV9LGPBDk1oDo2R3sYWkYgAPju6NENzlBvQIaGBkqADko37PwwwChvt0QPBfr2sJlZvUX-XrXtuNswzMmQJKhk8S-HN5KFzUq6HScH3mPOqcfxDZwAgD7Wm1OjaIdSHkCcHWABvVha-0ux4_6KSVmxI7JYTNTZPK8WrqfcWq6hf_9YjS3WUx0nvYAX6JJuqJ4LkZG6YdqquXqiJX-02PkSQ4kKpC5qdXf3cv8U_sSe9tNO_PQ4u1xRbJ4dg1Yk9iMUtfmOpQTtsy22FVJ0KOK30tdDhtEzd3UAoOnjHuDFyaX1Eo_YXpPDaBtWrT5NgL4dZLqoBPLMTa1MGhnIkenY3QapD_20pOlQgeDbG40mTU-EeYPLPnsUjJvfzXwBOq69-hp6zAxr6t7pY8LQNE3AmFqFAZLUuZIguBaZt7ZUO_UkeS2zptKnqCutN6TCqXdVR-xl6JYuwqAo1nilp57Wj0fYD2oHqy1eMwP38uOtYkpfuSS8HMpBj_VvD8mQ2KnlpY8JP6niD310J3DJLyY7BmRhJTsoyo0fzf4UpwCU0gtO2xdXVYjoH0q6ik-4Eo8NweXwQcAPLboMc3R0V24E8YLWNvRVc76hjxT5nasoEVUdDpWUJTqy3wS6HAPyuRIFA3tMOkQrz0RSC1BOZkOoQZGmzEBo-76CUKu8dFEjPRq6mDnxnwqZVseT57EvzN-M99e1rDw3PJ_Tf2FaK2shEj3XZbfZWsN8aNVZXZouaRhEUOf4d9wJMe6N5NPrF7kjli5F8gZJZMrAi1V0MfRpI2HK9Q4ypG6u2H6GG5kPb22T0L36BsWVt-V7lzEOj2LOWlTPvsY0tQmZzcFfzonwpWB1kY78yRyQ

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2316 575 KB
188 KB 35ms
8ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116339
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A8B9 44 KB
16 KB 66ms
25ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
DATA 200
OK truncated
/ Frame A8B9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A8B9 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8B9 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?u=f&lid=152&sdkv=h.3.463.0&id=ima_html5&c=3676534633826080&domain

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8B9 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F107863627%2FANI-vnexpress.net-web%26description_url%3Dhttp%253A%252F%252Fvnexpress.net%26tfcd%3D0%26npa%3D0%26sz%3D400x300%257C640x360%257C640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator%3D%26nofb%3D1&customPlayback=f&customClick=f&lid=8&sdkv=h.3.463.0&id=ima_html5&c=3676534633826080&domain

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BAF0 575 KB
188 KB 9ms
9ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116339
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9AFF 44 KB
17 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9AFF 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5793 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1152
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ 133 KB
44 KB 60ms
21ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11744
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame DA6E 2 KB
780 B 7ms
6ms Document
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

x-amz-id-2: 3dNKcdVZTMeXjaZpIedgvgHwXJzMS7x9l7kOzPuzpOXHi+mV4AnTBHrXhOIF0x/kfWJDMQoRm+8=
x-amz-request-id: ATY663V0W6BNTT4C
date: Thu, 03 Jun 2021 14:51:26 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
age: 55347
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 0SzYvAqqJfH4Pvhp5l0RGQ== Show response
ads.adaptv.advertising.com/a/h/ Frame 4AEB 249 B
543 B 29ms
28ms XHR
text/xml 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=2787232550&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=89.249.64.171&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=52.51960&lon=13.40690&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 4AEB 43 B
245 B 16ms
15ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=62e3fd0d-1ecd-44bf-9fe7-851005673687&vvuid=fdef601f-e294-4ad4-9d56-13bffc056f3b&orgId=23089&plcid=1245982&vrid=6522e6bb-3076-4a0a-8587-7299ce90a5a8&ab=0&dt=104&h=225&spaceid=793604934&w=400&cb=0.22934289390654783
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 4AEB 43 B
245 B 15ms
14ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=62e3fd0d-1ecd-44bf-9fe7-851005673687&vvuid=fdef601f-e294-4ad4-9d56-13bffc056f3b&orgId=23089&plcid=1245982&vrid=6522e6bb-3076-4a0a-8587-7299ce90a5a8&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.5262470818557332
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 4AEB 43 B
245 B 15ms
14ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=62e3fd0d-1ecd-44bf-9fe7-851005673687&vvuid=fdef601f-e294-4ad4-9d56-13bffc056f3b&orgId=23089&plcid=1245982&vrid=6522e6bb-3076-4a0a-8587-7299ce90a5a8&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=225&cb=0.7459357990809363
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 06:13:52 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
101ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787233004&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D76A 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZWEpZWVFdcSMyRcs4JVXojaIbEY_VyVXJqtR9C-7zZrmFrT-vXRdSX0M9dDSUmzPEsjDlX6wXqOYXiD26CWzmDTFSZ-fSzo7JbG072F0jEqOCMBdHCHgYwirmwg&sai=AMfl-YSY1XKbC-d6Wzg87gmukzpYVvDf1Xe2C3JUgtGJSHfI6TCig6Vw1M5apV9NyCCkiuCWANOH80tC9XmXaPqlMZwEiIXFsRIoKbsE4_VH-0KS_1jyjCBl6munWttJDWW-&sig=Cg0ArKJSzB7VTf8DNlSEEAE&cid=CAASPeRoBmVniAKRWavKdTwCnsd2pGRzt0wHvfic4XGo9fWhdH91u8fATJaMU5wBKUeiOwR_yk-jHV1yVhLxgPg&id=ampim&o=1050,391&d=300,500&ss=1600,1200&bs=1600,1200&mcvt=1055&mtos=0,0,1055,1055,1055&tos=0,0,1055,0,0&tfs=183&tls=1238&g=100&h=100&tt=1238&r=v&avms=ampa&adk=1680299014

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0328 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1153
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame 4AEB 43 B
245 B 19ms
19ms Image
image/gif 52.57.141.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=62e3fd0d-1ecd-44bf-9fe7-851005673687&vvuid=fdef601f-e294-4ad4-9d56-13bffc056f3b&orgId=23089&plcid=1245982&vrid=6522e6bb-3076-4a0a-8587-7299ce90a5a8&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&aert=48&ar=no&fo=0&ft=0&h=225&cb=0.9562945126129803
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.141.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E2ED 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1731 338 KB
116 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
18ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1622787233087&de=673481314395&d=285%3A-%3A-%3A-&bo=vnexpress.net&bd=vnexpress.net&f=0&cs=0
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACD4 42 B
64 B 24ms
23ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbyyX5MO3B13riCUgOPgLhTUHQ8I6igOkZZXVbwnEFEuPQDA7SlHmm8VkoYAabqIDF-gmQh9eaZ3LE6_IXGqyiN9HOxUQKJynxZNYCwLZI2830o9Ra_rbSU21DLg&sai=AMfl-YRFHhcAZZCqGGHgojIQ4rviWDBuU3_2Keo6c5rEZ_rSLrYn1X51bylHtAAedy5f2O2RgIIYR2W5BCCt8CW1Qj0CdgzypEeymIA1Wd65O7XaRV2PNZ7numdrE4xsrRkw&sig=Cg0ArKJSzNBDO0aUvX_TEAE&cid=CAASPeRoaewSG6hgIiL3VQhyqMbPFKtO8XL42IBALEbvjpt5uq86-PrvoRCw8EAROpkNZ-mqVA1YYFNieKGh4I8&id=lidar2&mcvt=1024&p=10,0,260,1600&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1832943895&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622787231602&dlt=90&rpt=6&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 825B 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1731 44 KB
16 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1731 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CF0A 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E2ED 44 KB
16 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E2ED 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2316 156 B
554 B 251ms
249ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107863627%2FANI-vnexpress.net-web&description_url=http%3A%2F%2Fvnexpress.net&tfcd=0&npa=0&sz=400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3105643012958454&nofb=1&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2089706068&sdk_apis=2%2C8&sid=458CA45D-D4F5-4C08-AF68-F64D64D52E0B&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787233233&cookie=ID%3Dcf7ec6c02d20ebcd%3AT%3D1622787231%3AS%3DALNI_MbwpHWfsZwfvQQYHMSFXHpILvlhJQ&scor=2728594914468845&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame BAF0 156 B
185 B 264ms
263ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21871596757%2FANI-vnexpress.net-Web&description_url=vnexpress.net&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3537333192100431&nofb=1&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3982581209&sdk_apis=2%2C8&sid=7C2CA095-14EF-4D31-9E3F-3F207D5692E4&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787233239&cookie=ID%3Dcf7ec6c02d20ebcd%3AT%3D1622787231%3AS%3DALNI_MbwpHWfsZwfvQQYHMSFXHpILvlhJQ&scor=3447204788815436&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6AEE 52 KB
17 KB 25ms
6ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5745970665548912630
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 04 Jun 2021 05:03:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 04 Jun 2021 06:13:53 GMT
Age: 4233
X-Served-By: cache-lga21934-LGA, cache-hhn4047-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 77327
X-Timer: S1622787233.264625,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CE62 52 KB
17 KB 25ms
7ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5745970665548912630
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 04 Jun 2021 05:03:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 04 Jun 2021 06:13:53 GMT
Age: 4233
X-Served-By: cache-lga21934-LGA, cache-hhn4046-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 76997
X-Timer: S1622787233.264446,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D56A 281 B
554 B 80ms
24ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Jun 2021 06:13:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AF6B 52 KB
17 KB 23ms
7ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=5745970665548912630
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 04 Jun 2021 05:03:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 04 Jun 2021 06:13:53 GMT
Age: 4234
X-Served-By: cache-lga21934-LGA, cache-hhn4071-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 77293
X-Timer: S1622787233.265274,VS0,VE0
Vary: Accept-Encoding

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 38AD 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1153
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 89A4 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1153
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6AEE 0
750 B 15ms
15ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.243:80
AN-X-Request-Uuid: 3ed53962-5099-4ecc-97e7-f4df5106663d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CE62 0
750 B 18ms
18ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.232:80
AN-X-Request-Uuid: 7685a6e2-c229-41c6-b55c-7c3135b61045
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AF6B 0
749 B 18ms
18ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid: d946afd6-9a9d-4061-845d-3c24e6bbeb8e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 825B 156 B
185 B 180ms
179ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3348197013407132&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3587609979&sdk_apis=2%2C8&sid=6E3B0BE6-C826-4869-ACB6-5D3A9F298E83&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787233364&cookie=ID%3Dcf7ec6c02d20ebcd%3AT%3D1622787231%3AS%3DALNI_MbwpHWfsZwfvQQYHMSFXHpILvlhJQ&scor=4185191613266249&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame CF0A 156 B
185 B 209ms
209ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4100690629936157&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2183157649&sdk_apis=2%2C8&sid=87DE5AD7-1CED-47DE-9480-9F947A58E2D5&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787233367&cookie=ID%3Dcf7ec6c02d20ebcd%3AT%3D1622787231%3AS%3DALNI_MbwpHWfsZwfvQQYHMSFXHpILvlhJQ&scor=1700188362639265&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D56A 31 KB
10 KB 25ms
25ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=72406
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9301
Expires: Sat, 05 Jun 2021 02:20:39 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D56A 284 B
536 B 90ms
25ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8B9 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?error=1009&vis=1&lid=7&sdkv=h.3.463.0&id=ima_html5&c=3676534633826080&domain

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7E46 281 B
554 B 27ms
26ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Jun 2021 06:13:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YLnEoQABT-ehuABg&_origin=0&gdpr=0&gdpr_consent=&_test=YLnEoQABT-ehuABg
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YLnEoQABT-ehuABg&_origin=0&gdpr=0&gdpr_consent=&_test=YLnEoQABT-ehuABg&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52

0
1 KB

17ms
17ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YLnEoQABT-ehuABg&_origin=0&gdpr=0&gdpr_consent=&_test=YLnEoQABT-ehuABg&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:53 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YLnEoQABT-ehuABg&_origin=0&gdpr=0&gdpr_consent=&_test=YLnEoQABT-ehuABg&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52
date: Fri, 04 Jun 2021 06:13:53 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=4c886008-8679-4759-b93a-23cfeaccb530&_origin=1&gdpr=1&gdpr_consent=

0
234 B

18ms
18ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=4c886008-8679-4759-b93a-23cfeaccb530&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:53 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=4c886008-8679-4759-b93a-23cfeaccb530&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAwOTgwMmU1YS1jNGZjLTExZWItOGNkYi0wMjc3MGVhYzZhNTI%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEHzoAV9keNJjYOW1WsIqrp8&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHzoAV9keNJjYOW1WsIqrp8&google_cver=1&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52

0
1 KB

18ms
18ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHzoAV9keNJjYOW1WsIqrp8&google_cver=1&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:53 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEHzoAV9keNJjYOW1WsIqrp8&google_cver=1&apid=UP09802e5a-c4fc-11eb-8cdb-02770eac6a52
date: Fri, 04 Jun 2021 06:13:53 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 47ms
47ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787233511
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 308ms
104ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
101ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787233511&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 37ms
37ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d585d9279e2fcffcb1ef224b9e92ee28b248dad82894f027aca6c27d534f2ae3

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
989 B 17ms
16ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

aaf937454de00625f10f230a2e46a077e5ddb56bf31c1726e4ee402846a2e9e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.80:80
AN-X-Request-Uuid: 745aabd7-3b3a-4329-a1d5-996381dab715
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 28ms
28ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 26b28166f6f833af30f08f6532f8b26061a2a733c5e668b1f715801f64962a28

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
868 B 18ms
18ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.59:80
AN-X-Request-Uuid: d3101deb-c815-47c9-aa04-a213d79292c8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7E46 31 KB
10 KB 31ms
31ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=72406
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9301
Expires: Sat, 05 Jun 2021 02:20:39 GMT

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 37ms
36ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787233560
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
101ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787233561&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 33ms
32ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d95ad409230d1e166e34556896c1f7d07effb57a217c5900fe383931980cd65c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
868 B 22ms
22ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.88:80
AN-X-Request-Uuid: 236a7c82-f3bc-479e-86d3-94cad66c70e1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 27ms
26ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e2f0479fc8ffb841ef291080ea1303a4dd282142aacd73986ebecb6a8d1d3cfc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.244:80
AN-X-Request-Uuid: 9fe8bc8c-1544-497d-96bd-7831270e5d38
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
387 B 35ms
35ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 90b9506c7db0f2772e09628e1a031886fdfb13b0e115115e92784081bfbf5800

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 16ms
16ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787233584

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.102:80
AN-X-Request-Uuid: 6a6574ad-c359-4dc8-b1a0-300ed37e9f3c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 21ms
18ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787233585

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.145:80
AN-X-Request-Uuid: 4d4c5b6d-c231-403f-af84-f1084bfc69fb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787233585&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 92ms
92ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTM0YmU1MWE1LWJlMjEtNDM2NC04NGU1LTlmYTQwMjA1NWQxMg%3D%3D&pt=net&stid=9a0b9b24-f669-4409-84d0-66f06d097fc1&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 29ms
29ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:53 GMT
X-SpotX-Timing-Transform: 0.000333
X-SpotX-Timing-SpotMarket: 0.007541
X-SpotX-Timing-Page-Mux: 0.001323
X-SpotX-Timing-Page-Require: 0.000578
X-fe: 035
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.012978
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000475
Last-Modified: Fri, 04 Jun 2021 06:13:53 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.007541
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002705
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000019
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 34ms
34ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4097fbad0ebe3ead85ac2539732707c4e8428b6cabd16390d4bed98938a6fa07

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 21ms
21ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 28ms
28ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 12773f802ed6ef312ce274f075ffea027ebc92845ca3b9ace811820806ad6353

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 22ms
21ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 29ms
29ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:53 GMT
X-SpotX-Timing-Transform: 0.000618
X-SpotX-Timing-SpotMarket: 0.006216
X-SpotX-Timing-Page-Mux: 0.000846
X-SpotX-Timing-Page-Require: 0.000282
X-fe: 024
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page: 0.014385
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000326
Last-Modified: Fri, 04 Jun 2021 06:13:53 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006216
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.006080
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 24ms
23ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787233609
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787233610&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
989 B 24ms
24ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

782785b02993c8745f53539f5c051691609557d45c31d8c53263de2c1b5ad2a0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.30:80
AN-X-Request-Uuid: c6f74602-e419-4282-8065-e3541503559c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 39ms
39ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8aac1b4842c7455242d2d419945f292ac41dbebbdf2e8231c41b289afadd8d5b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
869 B 17ms
17ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.146:80
AN-X-Request-Uuid: 6aefcee6-fb60-4e0e-9097-0809ac89f837
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 27ms
26ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8c7a721c6c71e4f17f4ddefd50fd1c5d46e81573587424335ec62f7ac97a3705

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 28ms
27ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787233656
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787233657&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 34ms
33ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 407ee65fb36e344a9ce0f297b0165f0968d58e021f8294cd75ea4c67449de548

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
869 B 20ms
19ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.234:80
AN-X-Request-Uuid: db2cc3da-ae3e-42ee-8814-0be176bdba7f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 34ms
34ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 248f29128b27be9e2f3e75b6fb4cbac6b850561a675848f3dc5e85a41d202dae

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 25ms
25ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f71c45144081e4d0f1cdb4fb35c950905af346fe23c4331cbadd873c471b0f2f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.36:80
AN-X-Request-Uuid: df1a9057-ec53-41c4-bf31-74f378f3d296
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787233685&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 31ms
30ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787233700
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 144ms
128ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787233701&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 34ms
34ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 00ea80e2ca6dd49a2e8a13bd6b8827d39858bd1cfa874ce39bff75e8ce80b986

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
869 B 18ms
18ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.247:80
AN-X-Request-Uuid: 290c4e17-8aaa-4dff-9b23-b005380baa2a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 41ms
41ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d35d1f0e85d049eaef03c698a43fb92d5e115e5a3d3fb69b8902a4f10166117b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
989 B 15ms
15ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

83dc708219d0e02a734559e86e8e26dad6948747698e8166a47c0ae75ab5f0f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:53 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid: 9975ed5b-4cd2-4e4a-a1a0-cef27b53018f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E9FE 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B72B 338 KB
116 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 625D 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E9FE 44 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E9FE 107 B
122 B 30ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5003 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1153
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4D76 575 KB
188 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116340
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B72B 44 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:53 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B72B 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8E84 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1153
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 625D 156 B
142 B 274ms
274ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=198253333487092&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4275458296&sdk_apis=2%2C8&sid=1B3625C0-74D0-4456-9A75-F44FCD5A5310&eid=44731467&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787233911&cookie=ID%3Dcf7ec6c02d20ebcd%3AT%3D1622787231%3AS%3DALNI_MbwpHWfsZwfvQQYHMSFXHpILvlhJQ&scor=2318944874234872&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4D76 156 B
142 B 187ms
187ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2685039519915906&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2317486991&sdk_apis=2%2C8&sid=F162DE98-126E-4218-9B23-088A0F6275F7&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787233940&cookie=ID%3Dcf7ec6c02d20ebcd%3AT%3D1622787231%3AS%3DALNI_MbwpHWfsZwfvQQYHMSFXHpILvlhJQ&scor=1283307719983781&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 35ms
34ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8435b9186f8d0490a28abc6f549e10535b7641421c977f76978a38096cfecf19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7787
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3D6C 2 KB
1 KB 71ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=vnexpress.net
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1643
set-cookie: uid=f3822611-0f76-448b-bed7-dff3b533d7f7; expires=Sat, 04 Jun 2022 06:13:53 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Fri, 04 Jun 2021 06:13:53 GMT
content-length: 1129

GET
H2 200 jquery.3.2.1.min.js Show response
s.vnecdn.net/vnexpress/restruct/j/v575/ 85 KB
30 KB 827ms
219ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
last-modified: Tue, 26 Nov 2019 07:22:26 GMT
etag: W/"5ddcd2b2-15283"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 06:13:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:54 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DCC8 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 03 Jun 2021 23:40:57 GMT
expires: Fri, 03 Jun 2022 23:40:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23577
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 17AE 783 B
761 B 28ms
28ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ba9094583d95c7083607ec43702c4ff0171e7e1bb8427a28e43dd754f36c276

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n1+JtlcO1f9AAEh/uhgr7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

expires: Fri, 04 Jun 2021 06:13:54 GMT
date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-n1+JtlcO1f9AAEh/uhgr7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 0694
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
751 B

24ms
23ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.208.0 /
Resource Hash: afcc7d4c37f00b942a814738c83a360fc2c247733d10c24aaab3a5c70b5886cc

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=f66f10a7-3c54-41a7-b703-b6ce150b0f46|1622787234
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=f66f10a7-3c54-41a7-b703-b6ce150b0f46|1622787234; Version=1; Expires=Sat, 04-Jun-2022 06:13:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622787234|gekin0vNiygu; Version=1; Expires=Sat, 19-Jun-2021 06:13:54 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 04 Jun 2021 06:13:54 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=f66f10a7-3c54-41a7-b703-b6ce150b0f46|1622787234; Version=1; Expires=Sat, 04-Jun-2022 06:13:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Fri, 04 Jun 2021 06:13:54 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1B76 52 KB
17 KB 13ms
13ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 04 Jun 2021 05:03:19 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 04 Jun 2021 06:13:54 GMT
Age: 4235
X-Served-By: cache-lga21934-LGA, cache-hhn4071-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 77309
X-Timer: S1622787234.166598,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 load-cookie.html Show response
user-sync.adxpremium.services/ Frame 2F90 8 KB
3 KB 40ms
30ms Document
text/html 2606:4700:e6::ac40:c319
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method: GET
:authority: user-sync.adxpremium.services
:scheme: https
:path: /load-cookie.html?gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
last-modified: Fri, 26 Feb 2021 09:17:16 GMT
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
cf-request-id: 0a7741317c000005bb41b3a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=khFcanrK0QiNkiTDMOi0nzp78WACyB976%2F2M5bbfW%2F%2B3PBuog6hhWUwcmabkaSPMwHF8Z%2FTMqrKRa6Za8mnSzF7DQOe4SD8OS4lx0xDqbUmn2BwX5et9OWnruVby5c2of4hVzZtCWrTGKzg87Ojp4SagwuS3g%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659f0495987605bb-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

index.html Show response
ads.adpone.com/ Frame F755
Redirect Chain

https://eu-ads.adpone.com/
https://ads.adpone.com/index.html

2 KB
1 KB

145ms
136ms

Document
text/html

2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adpone.com/index.html
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47f377c3555535581c28d43c044f2b5395b53273142b865b7f1e1fc0dc4e17c9

Request headers

:method: GET
:authority: ads.adpone.com
:scheme: https
:path: /index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-type: text/html
x-amz-id-2: t1OqapZ+gz6ZkoPKLC6GoZR4ImY46EpnJZvp21Wv7fYh2nTdRXxfrHT81Hkusdox/WNamBf0rLw=
x-amz-request-id: WGWTMEYEZWX59H0C
last-modified: Tue, 24 Mar 2020 15:22:42 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0a7741319600004de28ba9d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0eQBA0yxKv6YABpKULfNUVF%2BmpDBCBEiRo1wxROP9YhmyQZj1hI7oou9Yp36%2FVCQscebIinIkcJ5PzR8aB998J2gNe8Icxo9OOPFQVfb7ynShV3LCFJxC3wqVCRn0FtlXEYtpYucBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659f0495b9804de2-FRA
content-encoding: br

Redirect headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: max-age=3600
expires: Fri, 04 Jun 2021 07:13:54 GMT
location: https://ads.adpone.com/index.html
cf-request-id: 0a7741318100004de27729c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=srREffryHz3UoaY1H0pDt6h4n%2BX3TAyANjRV4xWdRpVFTYVMrmj9POoZ1WKuYpnl2rQWlxxFK0gUGmxLSdfdU5D3qTeVHXb3kvNCtj5x8y7ZuNBHskIgkqiDaM4o4LUGebcAjUJIzZQlqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 659f049599344de2-FRA

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2338 38 KB
14 KB 31ms
31ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=121450
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 06:13:54 GMT
vary: Accept-Encoding

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame DCC8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 23:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 23:40:26 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 1B76
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
822 B

15ms
14ms

Script
text/html

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.142:80
AN-X-Request-Uuid: 84cf4fc2-02dd-4b62-a576-b74282fa399a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.228:80
AN-X-Request-Uuid: 0e356d59-a59a-4eee-b508-82c0670aef83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 16ms
16ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787234208

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.210:80
AN-X-Request-Uuid: ba0eccef-998a-4f50-8938-6750e4354392
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 17ms
17ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787234209

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.239:80
AN-X-Request-Uuid: 19973361-574a-433e-ab6c-11c80820d64e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 110ms
110ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787234209&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 26ms
26ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:54 GMT
X-SpotX-Timing-Transform: 0.000307
X-SpotX-Timing-SpotMarket: 0.005535
X-SpotX-Timing-Page-Mux: 0.001039
X-SpotX-Timing-Page-Require: 0.000337
X-fe: 135
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page: 0.010702
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000383
Last-Modified: Fri, 04 Jun 2021 06:13:54 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005535
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003088
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 186 B
388 B 19ms
19ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 279fdbcafd4189a297decd414a82f611026e66394440456b17214652d03e9f85

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
386 B 22ms
21ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 20545f62cacc3e3a80a10dd401ced245992723f2484975f3c8423524bd4ba8fe

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 99ms
99ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWQ4NDdmNmVhLWVkNjQtNDliNy1hN2NiLWY5ZjliZTJiNjlhMA%3D%3D&pt=net&stid=97d1da4e-0ca9-415f-af73-0029a88094e6&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 19ms
19ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 27ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:54 GMT
X-SpotX-Timing-Transform: 0.000413
X-SpotX-Timing-SpotMarket: 0.005158
X-SpotX-Timing-Page-Mux: 0.000900
X-SpotX-Timing-Page-Require: 0.000345
X-fe: 007
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.011218
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000370
Last-Modified: Fri, 04 Jun 2021 06:13:54 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005158
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.004016
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 20ms
20ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2338 4 KB
4 KB 15ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77140611&p=158804&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 5585dbeee1a15ae8e61c0d7696c4a6adb5199c78f406853c6f6697c76161bff7

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:53 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 cookie_sync Show response
user-sync.adxpremium.services/ Frame 2F90 2 KB
854 B 317ms
16ms XHR
application/json 2606:4700:e6::ac40:c319
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/cookie_sync
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d

Request headers

Referer: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a774132f4000005bbef8f2000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oHKxDhkgGJaCU0nijQuAeO6ufK4g%2B04Si0BVskk7%2F5F35%2FaViMTXXjHzSJdp7y4AesXT45LO8OwHBX%2F4Eo3xeSkbMUs7uVmJ%2F9%2BCSNd6XryAyAVCFkEwgr2IKpilLnJpJwgqA3WKLNnpU%2B2gjpPb5Lk4rU3FD3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://user-sync.adxpremium.services
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 659f0497ed8905bb-FRA
expires: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 0694
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=92b660b9-c4a1-4800-ae91-377c5c814a08

43 B
106 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=92b660b9-c4a1-4800-ae91-377c5c814a08
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 04 Jun 2021 06:13:46 GMT
Server: MT3 3736 915c305 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=92b660b9-c4a1-4800-ae91-377c5c814a08
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 06:13:45 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0694
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1auxqYCvsqLOr-Ojga_-9IWu4aXOq-uigqOg3Det

43 B
180 B

24ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1auxqYCvsqLOr-Ojga_-9IWu4aXOq-uigqOg3Det
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=1auxqYCvsqLOr-Ojga_-9IWu4aXOq-uigqOg3Det
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 0694
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1864747289177740627

43 B
106 B

24ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1864747289177740627
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1864747289177740627
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 0694 70 B
264 B 31ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=25c32ffe-95d3-7e50-edd5-7e26712c3cbb&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0694
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlhY2ZjMzQtNWNhNC0yMGY0LWY4MzUtMjQ5ZmJiY2VmMmRi
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlhY2ZjMzQtNWNhNC0yMGY0LWY4MzUtMjQ5ZmJiY2VmMmRi&google_tc=

170 B
188 B

44ms
43ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlhY2ZjMzQtNWNhNC0yMGY0LWY4MzUtMjQ5ZmJiY2VmMmRi&google_tc=

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDlhY2ZjMzQtNWNhNC0yMGY0LWY4MzUtMjQ5ZmJiY2VmMmRi&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0694
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGPaRytZ0_dg12LSogoDndI&google_cver=1

43 B
106 B

24ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGPaRytZ0_dg12LSogoDndI&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGPaRytZ0_dg12LSogoDndI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 429B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=78FB9484-B111-4990-8D9D-2105A54BB762
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=78FB9484-B111-4990-8D9D-2105A54BB762

35 B
468 B

28ms
27ms

Document
image/gif

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=78FB9484-B111-4990-8D9D-2105A54BB762

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=78FB9484-B111-4990-8D9D-2105A54BB762
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:54 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=7840626997729238504; expires=Tue, 03 Aug 2021 06:13:54 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Fri, 04 Jun 2021 06:13:54 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=78FB9484-B111-4990-8D9D-2105A54BB762
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sun, 04 Jul 2021 06:13:54 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame CA6C
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5093725860197012021

42 B
211 B

22ms
22ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5093725860197012021
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5093725860197012021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; chkChromeAb67Sec=1; DPSync3=1623974400%3A201_197_219%7C1622851200%3A174; SyncRTB3=1623974400%3A7_161_54_166_81_21_13_56_234_3_22_8_220_71%7C1624060800%3A35%7C1623369600%3A15_2_223%7C1623628800%3A63%7C1625356800%3A203; KRTBCOOKIE_57=22776-2304656518715799563; PugT=1622787234; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEBSuauW8Fovee9nvF591cQs&KRTB&16514-CAESEBSuauW8Fovee9nvF591cQs&KRTB&23025-CAESEBSuauW8Fovee9nvF591cQs; KRTBCOOKIE_377=6810-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&22918-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&23031-53975fcb-e6bd-4ffa-878d-5c11df38f871; KRTBCOOKIE_391=22924-1461932128129215169&KRTB&23263-1461932128129215169; KRTBCOOKIE_1101=23040-6969818098401867916; KRTBCOOKIE_27=16735-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&16736-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23019-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23114-uid:c62960b9-c4a2-4000-bb81-e938691d0713
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:54 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-5093725860197012021; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 06:13:54 GMT; path=/ PugT=1622787234; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 06:13:54 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 06:13:54 GMT; path=/
x-lat: lhrpug003:0:447
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5093725860197012021
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 431B
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=

42 B
110 B

55ms
30ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; chkChromeAb67Sec=1; DPSync3=1623974400%3A201_197_219%7C1622851200%3A174; SyncRTB3=1623974400%3A7_161_54_166_81_21_13_56_234_3_22_8_220_71%7C1624060800%3A35%7C1623369600%3A15_2_223%7C1623628800%3A63%7C1625356800%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:54 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 06:13:54 GMT; path=/
x-lat: lhrpug001:0:557
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: Fri, 04 Jun 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4913
x-powered-by: ASP.NET
date: Fri, 04 Jun 2021 06:13:53 GMT
content-length: 205

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 04EB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969818098401867916

42 B
211 B

74ms
30ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969818098401867916
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969818098401867916
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; chkChromeAb67Sec=1; DPSync3=1623974400%3A201_197_219%7C1622851200%3A174; SyncRTB3=1623974400%3A7_161_54_166_81_21_13_56_234_3_22_8_220_71%7C1624060800%3A35%7C1623369600%3A15_2_223%7C1623628800%3A63%7C1625356800%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:54 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6969818098401867916; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 06:13:54 GMT; path=/ PugT=1622787234; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 06:13:54 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 06:13:54 GMT; path=/
x-lat: lhrpug006:0:471
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 04 Jun 2021 06:13:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6969818098401867916; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969818098401867916

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 406D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCRlBVN0JjNGtBQURNSW5NVzBvZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

29ms
29ms

Document
image/gif

52.49.40.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AABFPU7Bc4kAADMInMW0og; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 04 Jun 2021 06:13:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Fri, 04 Jun 2021 06:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2079
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
243 B

72ms
26ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; chkChromeAb67Sec=1; DPSync3=1623974400%3A201_197_219%7C1622851200%3A174; SyncRTB3=1623974400%3A7_161_54_166_81_21_13_56_234_3_22_8_220_71%7C1624060800%3A35%7C1623369600%3A15_2_223%7C1623628800%3A63%7C1625356800%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:54 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug012:2:257
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=2ddc8361-a811-4f0f-a386-691550780367; path=/; domain=csync.loopme.me; Expires=Sun, 04-Jul-2021 06:13:54 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Fri, 04 Jun 2021 06:13:54 GMT
server: _

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2338
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ePuUhLERSZCNnSEFpUu3Yg%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ePuUhLERSZCNnSEFpUu3Yg%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

20ms
19ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 06:44:25 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-2080-5c3aeac410031"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=71573
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2586
expires: Sat, 05 Jun 2021 02:06:47 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d90f60b9-c4a2-4900-8806-00bb498eb164

0
375 B

302ms
18ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d90f60b9-c4a2-4900-8806-00bb498eb164
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection: close
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache
content-type: text/plain; charset=utf-8

Redirect headers

Date: Fri, 04 Jun 2021 06:13:46 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d90f60b9-c4a2-4900-8806-00bb498eb164
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 06:13:45 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame 2338
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=78FB9484-B111-4990-8D9D-2105A54BB762
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9f755fa5ebecbd7bc66a5720fe2dc0da

35 B
247 B

18ms
17ms

Image
image/gif

51.210.112.63
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9f755fa5ebecbd7bc66a5720fe2dc0da
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.63 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3174889.ip-51-210-112.eu
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Fri, 04 Jun 2021 06:13:54 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9f755fa5ebecbd7bc66a5720fe2dc0da
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzhGQjk0ODQtQjExMS00OTkwLThEOUQtMjEwNUE1NEJCNzYy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzhGQjk0ODQtQjExMS00OTkwLThEOUQtMjEwNUE1NEJCNzYy&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

45ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:432
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBSuauW8Fovee9nvF591cQs&google_cver=1

42 B
280 B

44ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBSuauW8Fovee9nvF591cQs&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:447
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBSuauW8Fovee9nvF591cQs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pubmatic
um.simpli.fi/ Frame 2338 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1461932128129215169

42 B
234 B

46ms
29ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1461932128129215169
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:569
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1461932128129215169
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c62960b9-c4a2-4000-bb81-e938691d0713&gdpr=0&gdpr_consent=

42 B
341 B

23ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c62960b9-c4a2-4000-bb81-e938691d0713&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:458
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 04 Jun 2021 06:13:46 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c62960b9-c4a2-4000-bb81-e938691d0713&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 06:13:45 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53975fcb-e6bd-4ffa-878d-5c11df38f871

42 B
469 B

41ms
28ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53975fcb-e6bd-4ffa-878d-5c11df38f871
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:510
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=53975fcb-e6bd-4ffa-878d-5c11df38f871
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2304656518715799563&gdpr=0&gdpr_consent=

42 B
520 B

70ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2304656518715799563&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:540
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.51:80
AN-X-Request-Uuid: 9eb433c0-9b88-4363-b79c-373d8b100eba
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2304656518715799563&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 78FB9484-B111-4990-8D9D-2105A54BB762
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2338 43 B
839 B 103ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/78FB9484-B111-4990-8D9D-2105A54BB762?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=78FB9484-B111-4990-8D9D-2105A54BB762&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=78FB9484-B111-4990-8D9D-2105A54BB762&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XPugLAJE2uXjLqJegGEH30EsA87u0c0-~A&gdpr=0&gdpr_consent=

0
163 B

219ms
24ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XPugLAJE2uXjLqJegGEH30EsA87u0c0-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection: close
date: Fri, 04 Jun 2021 06:13:53 GMT
content-encoding: gzip
server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache
content-type: text/plain; charset=utf-8

Redirect headers

Date: Fri, 04 Jun 2021 06:13:54 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-XPugLAJE2uXjLqJegGEH30EsA87u0c0-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY

42 B
275 B

23ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:537
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=977669bb-6604-4e62-baf6-4e4db0538725&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac580a2-9d3c-4095-8ecc-a0421c7e4387&gdpr=&gdpr_consent=&gdpr_pd=

1 B
181 B

23ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac580a2-9d3c-4095-8ecc-a0421c7e4387&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:699
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bac580a2-9d3c-4095-8ecc-a0421c7e4387&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLnEogABh8DaSQA4&gdpr=0&gdpr_consent=&_test=YLnEogABh8DaSQA4

1 B
235 B

23ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLnEogABh8DaSQA4&gdpr=0&gdpr_consent=&_test=YLnEogABh8DaSQA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:506
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622787235.518363,VS0,VE0
x-served-by: cache-hhn4030-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLnEogABh8DaSQA4&gdpr=0&gdpr_consent=&_test=YLnEogABh8DaSQA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8667061566952908037&gdpr=0&gdpr_consent=&us_privacy=

1 B
168 B

24ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8667061566952908037&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:511
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8667061566952908037&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2338
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d647f870-dba9-4a4b-a303-31c20067c6e2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

22ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d647f870-dba9-4a4b-a303-31c20067c6e2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:409
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d647f870-dba9-4a4b-a303-31c20067c6e2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 04 Jun 2021 06:13:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 2338 0
104 B 94ms
66ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=78FB9484-B111-4990-8D9D-2105A54BB762&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6AEE 0
750 B 17ms
15ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.238:80
AN-X-Request-Uuid: 04f90df6-b0bc-4d93-8104-d7e2c02946b7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CE62 0
750 B 15ms
14ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.147:80
AN-X-Request-Uuid: 6311f36b-e24a-477f-a1a4-9f47519ce81b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AF6B 0
749 B 16ms
15ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid: ea206008-8ebc-4406-9951-f18be01304f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787234325&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 105ms
104ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 84B9 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:54 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3A1B 338 KB
116 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:54 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060301&jk=486255244444979&bg=!1dal1pLNAAY6sG-_OrA7ACkAdvg8Wm6dM5xoRPO5SU80Hlfy2wCCLMuNkMEz9VA_PCU2p266MQxajQIAAAB-UgAAAA1oAQeZAjnPg8iWcBLAVwesToRTyXQW2SY8cVc1-FeKU2_c0Oyzrhd9GdrK1jHdv46mEStvCkJZTEKeuUFbUN8ZR-btYzj_AbkeiiG44DHVNPNYnRsGRstgua-VblIPX1bwjU5beFrTOxyc_02y7R6iaK0os6AT3fQMJdWeieaaY9iC-CxeXmPo1QlZwkEfnzOD-6MEiu-mPxgxBG6C68ZAVAa1RrLsRkIjwJZHM4HVQwq4PKewbdVUkhnbFGcb1COsKJrz8U8qob92056FOVEwAk56rQElUmtItufwl10pKXDfcgMvlcGyFgXik9PSUOdfWq9lOPKaNJdLVPsbIx5p9oxBDWZT82ckOaah3Ij3Mu7LlJ1XAJxdGFPuMPaNJe9S7zvek6l4NVbx8FENfSi0Z0vY_NHUrjwApjG5B1TH4rA5Htc2rIx0x_4X8y5xbneRvFBnd_LsgD1Rjd9jhjK_8Dcfw6K6rlEuE0cfH60yx0_M_j9HwqOItV-CdqDYntfBD-3u7LuePCzGc3c5-Vo8fMIhrWfTGYpDvIumEi_h0HMl6KKZ7ApRgNL-5xAtqV6944ws108FdITjbq-iNtcpZjdEkoIS6tnwlY0fnAEblfKqnIopAtJAUlfXs5IdruwXZPgOwv7OUJuqdrMX7NdhHT_2op1iUMdzodkAweZhIiCOEdkwvX80rQgKg7Ilm3SRGnqXkVTk554cmG2fTg8dZ1jxAqSz3DMZBR7R9dt-NkAnK6cLK01eFKs38szjBA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D4B5 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116341
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 84B9 44 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 84B9 107 B
165 B 29ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 22FD 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116341
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3A1B 44 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3A1B 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D922 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1154
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8A0B 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1154
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D4B5 156 B
142 B 198ms
197ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1778053419105585&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1981209409&sdk_apis=2%2C8&sid=107AF477-1521-4C4E-B40E-9BBF53C3CAD3&eid=44731467&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787234572&cookie_enabled=1&scor=304825106349849&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 7BFF 1 KB
1 KB 125ms
24ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=601760
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://user-sync.adxpremium.services/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

Server: VertaMedia 1.0
Date: Fri, 04 Jun 2021 06:13:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 736
Access-Control-Allow-Origin: https://user-sync.adxpremium.services
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 22FD 156 B
142 B 233ms
232ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1128190980417357&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4045352411&sdk_apis=2%2C8&sid=3765C47C-7D7D-47A2-BB04-66B9E64986B7&eid=44731465&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787234583&cookie_enabled=1&scor=3264452353135857&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 7BFF
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1c1da031-2c4c-4db9-8659-be33f077fe36

86 B
547 B

808ms
384ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1c1da031-2c4c-4db9-8659-be33f077fe36
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:53 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1c1da031-2c4c-4db9-8659-be33f077fe36
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: bonpicop9uraek4p7sfda6ktb2eua65d

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 7BFF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2304656518715799563

86 B
530 B

842ms
416ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2304656518715799563
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.8:80
AN-X-Request-Uuid: 7a1ff1a4-faf2-4d99-9740-48e2d7dab7b4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2304656518715799563
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
rtb.adxpremium.services/ Frame 7BFF
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=e27ec9a2ad420ea2

0
621 B

15ms
14ms

Image
text/plain

2606:4700:e6::ac40:c319
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=e27ec9a2ad420ea2
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:55 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=amKnZ20mpYn4M21lIODuAw9vQmMs2z7178YOvwo%2FuZo8JHHz5tMRP%2BzxO0WONLXPHFQPEAtFKLnRPeKIW5G5kWl6TGlzfBOYySHLIY9PQZ%2F1f1tS6e7mxkx7PGb5Oh3To81B%2F3uEe59ZLXixNKIIl7s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 659f049c4f5f05bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0a774135af000005bb2f3a3000000001
expires: 0

Redirect headers

Location: https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=e27ec9a2ad420ea2
Date: Fri, 04 Jun 2021 06:13:54 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 21ms
21ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787234823

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid: 4dfd0aeb-dc07-49ec-869f-1b3927f29ae3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 19ms
19ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787234823

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:54 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.147:80
AN-X-Request-Uuid: 6cc3af7b-9ebf-439b-88aa-cf073c167523
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 109ms
109ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787234824&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 28ms
28ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 25ms
25ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:54 GMT
X-SpotX-Timing-Transform: 0.000786
X-SpotX-Timing-SpotMarket: 0.004524
X-SpotX-Timing-Page-Mux: 0.001165
X-SpotX-Timing-Page-Require: 0.000351
X-fe: 042
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.009586
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000313
Last-Modified: Fri, 04 Jun 2021 06:13:54 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004524
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002433
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 20ms
20ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 24ms
24ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:54 GMT
X-SpotX-Timing-Transform: 0.000324
X-SpotX-Timing-SpotMarket: 0.004577
X-SpotX-Timing-Page-Mux: 0.000813
X-SpotX-Timing-Page-Require: 0.000327
X-fe: 021
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.008717
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000436
Last-Modified: Fri, 04 Jun 2021 06:13:54 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004577
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002223
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
538 B 97ms
96ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPThhNTViZmJmLTQ2ZmQtNDdlZS1hYjcwLWMyYTliZDg5MTUwYg%3D%3D&pt=net&stid=3c5fcd6c-246d-4395-8c66-6fc7c5721bdd&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 30ms
29ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef80d33e7231024e5de8a7c54421048c15c53032f042c184763b2550fa0b6402

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 25ms
25ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5e03689add956a112f219f00ef02a806897e0198c63cfab0899cc02778a45978

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787234929&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E4B8 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:54 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A8FD 338 KB
116 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:54 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5AD1 575 KB
188 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116342
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A8FD 44 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:55 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A8FD 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 47C3 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116342
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E4B8 44 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:55 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E4B8 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 884D 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1155
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 64CA 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1155
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H2 200 bad.js Show response
core.polyad.net/ 272 B
508 B 963ms
218ms Script
application/x-javascript 111.65.248.227
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://core.polyad.net/bad.js
Requested by: Host: s.vnecdn.net
URL: https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.248.227 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: cache_polyad_hcm_249_10 /
Resource Hash: edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 1377casthnfpdd10bf7c7468e873e79ba2ad242
date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
last-modified: Thu, 14 Nov 2019 09:38:26 GMT
server: cache_polyad_hcm_249_10
etag: W/"72c42544cf9ad51:b5e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
x-status: HIT
expires: Sat, 05 Jun 2021 06:13:56 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5AD1 156 B
142 B 208ms
208ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2577985507748141&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=309823704&sdk_apis=2%2C8&sid=326C71C5-7284-49F6-8780-BF319274BC65&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787235172&cookie_enabled=1&scor=1779202254599901&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 47C3 156 B
142 B 196ms
195ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1536565430863826&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=301788202&sdk_apis=2%2C8&sid=F1994D89-B6B6-4103-835E-818952E2D822&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787235177&cookie_enabled=1&scor=1338763667692470&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1B76 0
750 B 17ms
16ms Script
text/html 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:55 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.143:80
AN-X-Request-Uuid: b3bd67e8-9034-48fe-8053-fceca9d1bc51
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 23ms
21ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787235400

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:55 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.247:80
AN-X-Request-Uuid: 09e15bb6-9ae2-4873-b99c-e3a18d57e4be
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 20ms
19ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787235401

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:55 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.152:80
AN-X-Request-Uuid: 051234f8-7201-4071-ae5d-a0827134a176
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787235404&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
538 B 96ms
96ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWMzNGMzMTYxLTkxM2UtNDc5NC04MjlkLTUyNDM0NzBhYmNjOQ%3D%3D&pt=net&stid=897d2e77-4863-4f9a-9404-a415b34caa57&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:55 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 22ms
22ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 22ms
22ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 25ms
25ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:55 GMT
X-SpotX-Timing-Transform: 0.000331
X-SpotX-Timing-SpotMarket: 0.004589
X-SpotX-Timing-Page-Mux: 0.000861
X-SpotX-Timing-Page-Require: 0.000291
X-fe: 029
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.008912
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000364
Last-Modified: Fri, 04 Jun 2021 06:13:55 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004589
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002461
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 27ms
27ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 00929a0dae59d90a6b2e1d31b9bd351d610298753183bd111ead6b16de89b340

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 27ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:55 GMT
X-SpotX-Timing-Transform: 0.000251
X-SpotX-Timing-SpotMarket: 0.004690
X-SpotX-Timing-Page-Mux: 0.001058
X-SpotX-Timing-Page-Require: 0.000445
X-fe: 118
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.011085
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000565
Last-Modified: Fri, 04 Jun 2021 06:13:55 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004690
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.004056
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000017
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 36ms
35ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5aaeb6f4c4f7230ab91a60ada0a703c7ddd8acd234014639875b5997b16f3ac6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 110 B
886 B 228ms
228ms XHR
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_aid=cji599zdy7vhcdc8.1622787229.des&orig_aid=cji599zdy7vhcdc8.1622787229.des&myvne_user_id=0
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5498c97ef258d3703a0d206ef1a06404e928092a5869309ff52123a91051c993

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Jun 2021 13:13:55 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H2 200 track
track1.aniview.com/ 0
70 B 117ms
117ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787235514&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A8E3 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:55 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame DDE6 338 KB
116 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:55 GMT

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame CDAA 1 KB
970 B 44ms
26ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0a7741371400004dfa55ac5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659f049e8f424dfa-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1DB1 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116342
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A8E3 44 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:55 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A8E3 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7FEE 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116342
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame DDE6 44 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:55 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame DDE6 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6793 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1155
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6396 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1155
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 1BDC 0
0 23ms
22ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync-eu.connectad.io
:scheme: https
:path: /syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cadsync
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.connectad.io/

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a7741376f00004dfa12b11000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659f049f18564dfa-FRA

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 793A 8 KB
3 KB 20ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; chkChromeAb67Sec=1; DPSync3=1623974400%3A201_197_219%7C1622851200%3A174; SyncRTB3=1623974400%3A7_161_54_166_81_21_13_56_234_3_22_8_220_71%7C1624060800%3A35%7C1623369600%3A15_2_223%7C1623628800%3A63%7C1625356800%3A203; KRTBCOOKIE_57=22776-2304656518715799563; PugT=1622787234; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEBSuauW8Fovee9nvF591cQs&KRTB&16514-CAESEBSuauW8Fovee9nvF591cQs&KRTB&23025-CAESEBSuauW8Fovee9nvF591cQs; KRTBCOOKIE_377=6810-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&22918-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&23031-53975fcb-e6bd-4ffa-878d-5c11df38f871; KRTBCOOKIE_391=22924-1461932128129215169&KRTB&23263-1461932128129215169; KRTBCOOKIE_1101=23040-6969818098401867916; KRTBCOOKIE_27=16735-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&16736-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23019-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23114-uid:c62960b9-c4a2-4000-bb81-e938691d0713; KRTBCOOKIE_336=5844-5093725860197012021; KRTBCOOKIE_153=19420-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY&KRTB&22979-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY; KRTBCOOKIE_22=14911-8667061566952908037; KRTBCOOKIE_218=22978-YLnEogABh8DaSQA4&KRTB&23194-YLnEogABh8DaSQA4&KRTB&23209-YLnEogABh8DaSQA4&KRTB&23244-YLnEogABh8DaSQA4; KRTBCOOKIE_466=16530-bac580a2-9d3c-4095-8ecc-a0421c7e4387; SPugT=1622787233
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=71572
expires: Sat, 05 Jun 2021 02:06:47 GMT
date: Fri, 04 Jun 2021 06:13:55 GMT
vary: Accept-Encoding

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1DB1 156 B
142 B 240ms
239ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1211734582711341&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3308733228&sdk_apis=2%2C8&sid=1BA36515-3CB4-42C0-B62B-FD61C3AF1411&eid=44741234&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787235771&cookie_enabled=1&scor=1063529115133494&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7FEE 156 B
142 B 185ms
185ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2106778654010511&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2466647103&sdk_apis=2%2C8&sid=1016BEC3-5A2E-4202-AF1C-6DC3A1ECFA4E&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787235788&cookie_enabled=1&scor=4283154566967661&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1868 38 KB
14 KB 19ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; chkChromeAb67Sec=1; DPSync3=1623974400%3A201_197_219%7C1622851200%3A174; SyncRTB3=1623974400%3A7_161_54_166_81_21_13_56_234_3_22_8_220_71%7C1624060800%3A35%7C1623369600%3A15_2_223%7C1623628800%3A63%7C1625356800%3A203; KRTBCOOKIE_57=22776-2304656518715799563; PugT=1622787234; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEBSuauW8Fovee9nvF591cQs&KRTB&16514-CAESEBSuauW8Fovee9nvF591cQs&KRTB&23025-CAESEBSuauW8Fovee9nvF591cQs; KRTBCOOKIE_377=6810-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&22918-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&23031-53975fcb-e6bd-4ffa-878d-5c11df38f871; KRTBCOOKIE_391=22924-1461932128129215169&KRTB&23263-1461932128129215169; KRTBCOOKIE_1101=23040-6969818098401867916; KRTBCOOKIE_27=16735-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&16736-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23019-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23114-uid:c62960b9-c4a2-4000-bb81-e938691d0713; KRTBCOOKIE_336=5844-5093725860197012021; KRTBCOOKIE_153=19420-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY&KRTB&22979-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY; KRTBCOOKIE_22=14911-8667061566952908037; KRTBCOOKIE_218=22978-YLnEogABh8DaSQA4&KRTB&23194-YLnEogABh8DaSQA4&KRTB&23209-YLnEogABh8DaSQA4&KRTB&23244-YLnEogABh8DaSQA4; KRTBCOOKIE_466=16530-bac580a2-9d3c-4095-8ecc-a0421c7e4387; SPugT=1622787233
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=121449
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 06:13:55 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1868 2 KB
3 KB 15ms
14ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34599148&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 5879b9b8a15704aa88a2bf10320cc5031338100722ac5b9b9ac16577bae396bd

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 864B
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2301299599
https://sync.1rx.io/usersync/tradedesk/53975fcb-e6bd-4ffa-878d-5c11df38f871
https://sync.targeting.unrulymedia.com/csync/RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003

42 B
425 B

23ms
22ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; KRTBCOOKIE_57=22776-2304656518715799563; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEBSuauW8Fovee9nvF591cQs&KRTB&16514-CAESEBSuauW8Fovee9nvF591cQs&KRTB&23025-CAESEBSuauW8Fovee9nvF591cQs; KRTBCOOKIE_377=6810-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&22918-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&23031-53975fcb-e6bd-4ffa-878d-5c11df38f871; KRTBCOOKIE_391=22924-1461932128129215169&KRTB&23263-1461932128129215169; KRTBCOOKIE_1101=23040-6969818098401867916; KRTBCOOKIE_27=16735-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&16736-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23019-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23114-uid:c62960b9-c4a2-4000-bb81-e938691d0713; KRTBCOOKIE_336=5844-5093725860197012021; KRTBCOOKIE_153=19420-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY&KRTB&22979-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY; KRTBCOOKIE_22=14911-8667061566952908037; KRTBCOOKIE_218=22978-YLnEogABh8DaSQA4&KRTB&23194-YLnEogABh8DaSQA4&KRTB&23209-YLnEogABh8DaSQA4&KRTB&23244-YLnEogABh8DaSQA4; KRTBCOOKIE_466=16530-bac580a2-9d3c-4095-8ecc-a0421c7e4387; SPugT=1622787233; chkChromeAb67Sec=2; DPSync3=1623974400%3A232_201_197_219_221_226_227%7C1622851200%3A174; SyncRTB3=1624060800%3A35%7C1623628800%3A63%7C1625356800%3A203%7C1623974400%3A13_81_21_3_8_220_230_204_161_166_55_99_88_54_56_71_234_22_7_176_165_222_189%7C1623369600%3A223_67_15_2; KRTBCOOKIE_409=22966-j4HhmjXVYB9IeWyJEqNyW6z1; PugT=1622787235; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_47eaa6d1-b8e2-4c0f-b373-54d8d91571b8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:56 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003&KRTB&17107-RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 06:13:56 GMT; path=/ PugT=1622787236; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 06:13:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 06:13:56 GMT; path=/
x-lat: lhrpug015:0:492
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Fri, 04 Jun 2021 06:13:56 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003%22%7D; path=/; expires=Sat, 04 Jun 2022 06:13:56 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003
etag: RXa86525d396cb4a35a0f1a1af289b488d003

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7A9C
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j4HhmjXVYB9IeWyJEqNyW6z1

42 B
374 B

23ms
22ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j4HhmjXVYB9IeWyJEqNyW6z1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j4HhmjXVYB9IeWyJEqNyW6z1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; KRTBCOOKIE_57=22776-2304656518715799563; PugT=1622787234; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEBSuauW8Fovee9nvF591cQs&KRTB&16514-CAESEBSuauW8Fovee9nvF591cQs&KRTB&23025-CAESEBSuauW8Fovee9nvF591cQs; KRTBCOOKIE_377=6810-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&22918-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&23031-53975fcb-e6bd-4ffa-878d-5c11df38f871; KRTBCOOKIE_391=22924-1461932128129215169&KRTB&23263-1461932128129215169; KRTBCOOKIE_1101=23040-6969818098401867916; KRTBCOOKIE_27=16735-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&16736-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23019-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23114-uid:c62960b9-c4a2-4000-bb81-e938691d0713; KRTBCOOKIE_336=5844-5093725860197012021; KRTBCOOKIE_153=19420-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY&KRTB&22979-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY; KRTBCOOKIE_22=14911-8667061566952908037; KRTBCOOKIE_218=22978-YLnEogABh8DaSQA4&KRTB&23194-YLnEogABh8DaSQA4&KRTB&23209-YLnEogABh8DaSQA4&KRTB&23244-YLnEogABh8DaSQA4; KRTBCOOKIE_466=16530-bac580a2-9d3c-4095-8ecc-a0421c7e4387; SPugT=1622787233; chkChromeAb67Sec=2; DPSync3=1623974400%3A232_201_197_219_221_226_227%7C1622851200%3A174; SyncRTB3=1624060800%3A35%7C1623628800%3A63%7C1625356800%3A203%7C1623974400%3A13_81_21_3_8_220_230_204_161_166_55_99_88_54_56_71_234_22_7_176_165_222_189%7C1623369600%3A223_67_15_2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:55 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-j4HhmjXVYB9IeWyJEqNyW6z1; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 06:13:55 GMT; path=/ PugT=1622787235; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 06:13:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 06:13:55 GMT; path=/
x-lat: lhrpug005:0:466
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Fri, 04 Jun 2021 06:13:55 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=j4HhmjXVYB9IeWyJEqNyW6z1; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j4HhmjXVYB9IeWyJEqNyW6z1
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 4AB3 42 B
900 B 23ms
23ms Document
image/gif 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a774138070000062de2201000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659f04a00890062d-FRA

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame D156 43 B
408 B 45ms
14ms Document
image/gif 72.251.241.204
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Fri, 04 Jun 2021 06:13:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-6
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame EED5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
444 B

168ms
167ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=amnoeUy4ZawTBA9MGKDePZaUr6t0MrytoEOrHVTuUa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aIntmIqkaHbBykt9Zbxa0BFpcUdSjNqsZc72PFyqTbue4i7EWsera7U45Rh4tMT9aZdRu3HuQQtuG4XK61DBeoxYuCI; path=/; domain=.tribalfusion.com; expires=Thu, 02-Sep-2021 06:13:56 GMT; SameSite=None; Secure; ANON_ID_old=aIntmIqkaHbBykt9Zbxa0BFpcUdSjNqsZc72PFyqTbue4i7EWsera7U45Rh4tMT9aZdRu3HuQQtuG4XK61DBeoxYuCI; path=/; domain=.tribalfusion.com; expires=Thu, 02-Sep-2021 06:13:56 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0a774138be00001456ac0e7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659f04a139f51456-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 277
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=amnoeUy4ZawTBA9MGKDePZaUr6t0MrytoEOrHVTuUa; path=/; domain=.tribalfusion.com; expires=Thu, 02-Sep-2021 06:13:55 GMT; SameSite=None; Secure; ANON_ID_old=amnoeUy4ZawTBA9MGKDePZaUr6t0MrytoEOrHVTuUa; path=/; domain=.tribalfusion.com; expires=Thu, 02-Sep-2021 06:13:55 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0a7741381a000014566839b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659f04a028251456-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9947
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QuBqvr4klGLM&pid=557219

1 B
68 B

23ms
22ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QuBqvr4klGLM&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QuBqvr4klGLM&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=78FB9484-B111-4990-8D9D-2105A54BB762; KRTBCOOKIE_57=22776-2304656518715799563; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEBSuauW8Fovee9nvF591cQs&KRTB&16514-CAESEBSuauW8Fovee9nvF591cQs&KRTB&23025-CAESEBSuauW8Fovee9nvF591cQs; KRTBCOOKIE_377=6810-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&22918-53975fcb-e6bd-4ffa-878d-5c11df38f871&KRTB&23031-53975fcb-e6bd-4ffa-878d-5c11df38f871; KRTBCOOKIE_391=22924-1461932128129215169&KRTB&23263-1461932128129215169; KRTBCOOKIE_1101=23040-6969818098401867916; KRTBCOOKIE_27=16735-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&16736-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23019-uid:c62960b9-c4a2-4000-bb81-e938691d0713&KRTB&23114-uid:c62960b9-c4a2-4000-bb81-e938691d0713; KRTBCOOKIE_336=5844-5093725860197012021; KRTBCOOKIE_153=19420-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY&KRTB&22979-C60kuV6pJ7IQqXazX6lr5FuodLUQrX6yXKXCCOfY; KRTBCOOKIE_22=14911-8667061566952908037; KRTBCOOKIE_218=22978-YLnEogABh8DaSQA4&KRTB&23194-YLnEogABh8DaSQA4&KRTB&23209-YLnEogABh8DaSQA4&KRTB&23244-YLnEogABh8DaSQA4; KRTBCOOKIE_466=16530-bac580a2-9d3c-4095-8ecc-a0421c7e4387; chkChromeAb67Sec=2; DPSync3=1623974400%3A232_201_197_219_221_226_227%7C1622851200%3A174; SyncRTB3=1624060800%3A35%7C1623628800%3A63%7C1625356800%3A203%7C1623974400%3A13_81_21_3_8_220_230_204_161_166_55_99_88_54_56_71_234_22_7_176_165_222_189%7C1623369600%3A223_67_15_2; KRTBCOOKIE_409=22966-j4HhmjXVYB9IeWyJEqNyW6z1; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_47eaa6d1-b8e2-4c0f-b373-54d8d91571b8; KRTBCOOKIE_594=17105-RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003&KRTB&17107-RX-a86525d3-96cb-4a35-a0f1-a1af289b488d-003; PugT=1622787236; SPugT=1622787234
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 06:13:56 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 06:13:56 GMT; path=/
x-lat: lhrpug004:0:531
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-555c8fd69d-mljl9
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=QuBqvr4klGLM&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=134e7ff2e99498c0; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame D96B
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a574f6b-0906-4dd2-b4f8-b4eb40da7ad1-tuct7b34a23&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

16ms
15ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a574f6b-0906-4dd2-b4f8-b4eb40da7ad1-tuct7b34a23&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a574f6b-0906-4dd2-b4f8-b4eb40da7ad1-tuct7b34a23&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=1a574f6b-0906-4dd2-b4f8-b4eb40da7ad1-tuct7b34a23
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 04 Jun 2021 06:13:55 GMT
via: 1.1 varnish
x-served-by: cache-hhn11561-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1622787236.889843,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=1a574f6b-0906-4dd2-b4f8-b4eb40da7ad1-tuct7b34a23;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 04-Jun-2022 06:13:55 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1a574f6b-0906-4dd2-b4f8-b4eb40da7ad1-tuct7b34a23&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Fri, 04 Jun 2021 06:13:55 GMT
via: 1.1 varnish
x-served-by: cache-hhn11561-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1622787236.873187,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2 200 setuid Show response
rtb.adxpremium.services/ Frame 3F98 0
730 B 315ms
13ms Document
text/plain 2606:4700:e6::ac40:c319
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=78FB9484-B111-4990-8D9D-2105A54BB762
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: rtb.adxpremium.services
:scheme: https
:path: /setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=78FB9484-B111-4990-8D9D-2105A54BB762
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJlMjdlYzlhMmFkNDIwZWEyIiwiZXhwaXJlcyI6IjIwMjEtMDYtMThUMDg6MTM6NTUuMjU1MDAxODYrMDI6MDAifX0sImJkYXkiOiIyMDIxLTA2LTA0VDA4OjEzOjU1LjI1NTAwMDI0KzAyOjAwIn0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: SSCookie=1; Path=/; Expires=Thu, 02 Sep 2021 06:13:56 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJlMjdlYzlhMmFkNDIwZWEyIiwiZXhwaXJlcyI6IjIwMjEtMDYtMThUMDg6MTM6NTUuMjU1MDAxODYrMDI6MDAifSwicHVibWF0aWMiOnsidWlkIjoiNzhGQjk0ODQtQjExMS00OTkwLThEOUQtMjEwNUE1NEJCNzYyIiwiZXhwaXJlcyI6IjIwMjEtMDYtMThUMDg6MTM6NTYuMTYyMzM4ODIxKzAyOjAwIn19LCJiZGF5IjoiMjAyMS0wNi0wNFQwODoxMzo1NS4yNTUwMDAyNCswMjowMCJ9; Path=/; Domain=adxpremium.services; Expires=Thu, 02 Sep 2021 06:13:56 GMT; Secure; SameSite=None
vary: Origin
cf-cache-status: DYNAMIC
cf-request-id: 0a7741393a000005bb39102000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PfnbQcKbyik%2FnR1lpogxQHdrBxWksHVCPdqfFjlUxzsgekKJyvjFuinlrXU9MkzlPnNLhEqnGLH5hJ8gT5scjsBcgeWBGRvWO4T6lPFr1S5GVkGMWYa87vn9Bn7I5SWKbcsB6wqxsFG5sWRXjDl7xzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659f04a1fbae05bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 1868
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=78FB9484-B111-4990-8D9D-2105A54BB762&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=78FB9484-B111-4990-8D9D-2105A54BB762&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=78FB9484-B111-4990-8D9D-2105A54BB762&addseg=19,36,42

7 B
78 B

81ms
24ms

Image
text/plain

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=78FB9484-B111-4990-8D9D-2105A54BB762&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
content-length: 7
content-type: text/plain; charset=utf-8

Redirect headers

date: Fri, 04 Jun 2021 06:13:55 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=78FB9484-B111-4990-8D9D-2105A54BB762&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 1868
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=78FB9484-B111-4990-8D9D-2105A54BB762&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=78FB9484-B111-4990-8D9D-2105A54BB762&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

27ms
27ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=78FB9484-B111-4990-8D9D-2105A54BB762&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:55 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:55 GMT
frontend-id: 4
location: /pubmatic/1/info2?sType=sync&sExtCookieId=78FB9484-B111-4990-8D9D-2105A54BB762&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 1868 95 B
490 B 57ms
38ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=78FB9484-B111-4990-8D9D-2105A54BB762
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 659f04a02a1c4ed9-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7741381d00004ed9cd930000000001

GET
H2 204 /
loadm.exelator.com/load/ Frame 1868 0
751 B 51ms
17ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=71&buid=78FB9484-B111-4990-8D9D-2105A54BB762&gdpr=0&gdpr_consent=&j=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1868
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

22ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:454
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:55 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1868
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2304656518715799563

42 B
187 B

22ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2304656518715799563
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:232
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:55 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: c08892c0-ce03-4dde-aa91-fbf65130a684
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2304656518715799563
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1868
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_47eaa6d1-b8e2-4c0f-b373-54d8d91571b8

42 B
304 B

22ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_47eaa6d1-b8e2-4c0f-b373-54d8d91571b8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:55 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:399
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_47eaa6d1-b8e2-4c0f-b373-54d8d91571b8
date: Fri, 04 Jun 2021 06:13:55 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 222ms
221ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=38fff5ce-ecf9-46f0-abf9-a28213297011
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5de71115bac3f1f758eca422464fe879efcdbb719a3f31e16bc1d35da143ac67

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:13:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 221ms
221ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=c0b97a89-f683-479d-afab-36e784ab08e8
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:13:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 443ms
221ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=c0b97a89-f683-479d-afab-36e784ab08e8
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:13:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 104ms
104ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:13:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
933 B 40ms
39ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787236017

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:56 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.26:80
AN-X-Request-Uuid: efef24f2-29c1-441f-8638-651ec8641ebd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
933 B 20ms
20ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787236017

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:56 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: 44b13e16-2980-4e6c-acba-d6d890bf20da
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787236018&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 29ms
28ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: db293bf095eb3b98e595f6d7bd18d7fe5579e9366e79969b0b8b5af5b09df14d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 26ms
25ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d78142d5636d8f5ffb6028a8e96349a54f69800dc3a1374a34475e9a582e4f04

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
538 B 110ms
109ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTZjMzhkMGE3LTk2MWQtNDQ2Zi1hNTY1LWE5MWU5NGFjMTJhMg%3D%3D&pt=net&stid=c4396b48-37d5-4474-9f79-cd38197a0fd9&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:56 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 26ms
26ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:56 GMT
X-SpotX-Timing-Transform: 0.000293
X-SpotX-Timing-SpotMarket: 0.004921
X-SpotX-Timing-Page-Mux: 0.001125
X-SpotX-Timing-Page-Require: 0.000535
X-fe: 084
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.010279
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000433
Last-Modified: Fri, 04 Jun 2021 06:13:56 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004921
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002951
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000017
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 28ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:13:56 GMT
X-SpotX-Timing-Transform: 0.000428
X-SpotX-Timing-SpotMarket: 0.006196
X-SpotX-Timing-Page-Mux: 0.001182
X-SpotX-Timing-Page-Require: 0.000531
X-fe: 062
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.012168
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000478
Last-Modified: Fri, 04 Jun 2021 06:13:56 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006196
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003331
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000018
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 21ms
20ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 27ms
27ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787236136&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3E7A 338 KB
116 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:56 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3D4B 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:56 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D62F 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116343
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3E7A 44 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:56 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E7A 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F41C 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116343
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3D4B 44 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:13:56 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3D4B 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 2338 0
74 B 16ms
14ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158804&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A868 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1156
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A744 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1156
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D62F 156 B
143 B 182ms
182ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=650512331635708&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3734872174&sdk_apis=2%2C8&sid=15887392-0D57-47FF-A49D-C57659DF1675&eid=44730464&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787236380&cookie_enabled=1&scor=3362604374673460&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F41C 156 B
143 B 184ms
184ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=571441107923720&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3944310579&sdk_apis=2%2C8&sid=F51015E0-81CC-48A8-9080-E6E737D97234&eid=44729309&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787236405&cookie_enabled=1&scor=3471964597335904&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
rtb.adxpremium.services/ Frame 2F90
Redirect Chain

https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=SVVy1AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=2304656518715799563&mpk=SVVy1AR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV...
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=2304656518715799563

0
1014 B

319ms
18ms

Image
text/plain

2606:4700:e6::ac40:c319
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=2304656518715799563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:56 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TIRE%2FFfQ2lG%2BhSbNxlJg6GaXEh9Qnb3rLSB13McyROKnQ4Pz59hfbSe1BmWxtysZzoMOEShI3jlUp9WLkkoDaOW7OgvOhuxpAwWLMCrLuRFYOxvSnIYjJ%2FDAh%2BXgOJuASRCIwcZPl9MEIdhJdvMTPjc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 659f04a72e8705bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0a77413c7a000005bb54056000000001
expires: 0

Redirect headers

date: Fri, 04 Jun 2021 06:13:56 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FKKvJVoF9MROaj3EP46Hxvgo%2BquSPGoCUb6b6OfGysO307E6h%2FeXvUhT4LOaQsXR1oI3gJO41lY6JaBaiJJIj1VInXbbQJAXYUm7Mm2G3hgNvNI%2Fga6SHBkFfMv1DiyVIsJ0gu9jLig%3D"}],"group":"cf-nel","max_age":604800}
location: https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=2304656518715799563
cf-ray: 659f04a49a3ac2ef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0a77413adf0000c2ef1fa9f000000001

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 405D
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_...
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26...

13 B
91 B

20ms
20ms

Document
text/html

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

:method: GET
:authority: ads.us.e-planning.net
:scheme: https
:path: /uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: CT=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

server: openresty
date: Fri, 04 Jun 2021 06:13:57 GMT
content-type: text/html
content-length: 13
x-sid: AMS-611

Redirect headers

server: openresty
date: Fri, 04 Jun 2021 06:13:57 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: CT=1; path=/; SameSite=None; Secure
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
x-sid: AMS-611

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9012 281 B
554 B 25ms
24ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://user-sync.adxpremium.services/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Jun 2021 06:13:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9012 31 KB
10 KB 27ms
27ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=72402
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9301
Expires: Sat, 05 Jun 2021 02:20:39 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9012 284 B
536 B 22ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-lupon&endpoint=eu?gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H2

200

setuid
rtb.adxpremium.services/ Frame 2F90
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=1461932128129215169

0
620 B

14ms
14ms

Image
text/plain

2606:4700:e6::ac40:c319
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=1461932128129215169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c319 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:57 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BWgPwM3q2Z6HAZ1sSj%2FIx6NtgYBObR1OKMHenoTOreoC%2BXGRnoY2mZZKmzHILLJVNKDTordglwvB61pYrRaNc2dEa1aopbZv4zmnyiStZV0HTFlZ96joUc%2BfSXwcaytoKhKx%2FxcCEO9Nz9OY11m%2FS8s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 659f04a8d9f305bb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0a77413d8a000005bbef9d8000000001
expires: 0

Redirect headers

location: https://rtb.adxpremium.services/setuid?bidder=adform&gdpr=1&gdpr_consent=&uid=1461932128129215169
date: Fri, 04 Jun 2021 06:13:57 GMT
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 110 B
886 B 229ms
228ms XHR
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_aid=cji599zdy7vhcdc8.1622787229.des&orig_aid=cji599zdy7vhcdc8.1622787229.des&myvne_user_id=0
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5498c97ef258d3703a0d206ef1a06404e928092a5869309ff52123a91051c993

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:13:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Jun 2021 13:13:58 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 44ms
18ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787238749
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
101ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787238750&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
834 B 16ms
15ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2f03a746457e8bb4430fa50f70da7360534fb946584602a9081228fbc2b18281

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.207:80
AN-X-Request-Uuid: 7913a280-1d1e-4696-b3a4-14d92efc8887
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 17ms
17ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.100:80
AN-X-Request-Uuid: 4eabcddf-4eee-47f7-b2e5-761d6631c3e6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 26ms
25ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8cbaaf798e2b671957103ad7f6b17b19e74e568b642d02724ad6840237184b4d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 31ms
30ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 665c85693540e618dbef636c5873892cced77211a7fa9f2aa6a1673ed657c5b6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 29ms
29ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787238797
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 113ms
112ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787238798&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
835 B 18ms
17ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3d5ad6769c55230692f65960461804cc514aa9fb3537e9e0e0c8cac230360f16

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.205:80
AN-X-Request-Uuid: 6ef81178-ea81-4f75-ad42-84bca4003fba
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 33ms
33ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3d328cd7ebbe23e1e374ed449d6f332d9f179600b2a1defa08245a0d0aa6aef1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
713 B 29ms
29ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.49:80
AN-X-Request-Uuid: 56fe2fd0-f8df-4ce4-8d37-83d81fc01df5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 36ms
36ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c4ac071df6c8ca689dacea4dddd544692b140c8fa1d5179d00c62300eea8df12

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 43ms
42ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787238842
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
102ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787238843&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 32ms
32ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 76cc94c6a75b51234544327a46ed8941f690e1025ea19e0d993d1ce7c6ff74d1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
385 B 21ms
21ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 67daf97ed0938eb20946252831d3466d174194694a33fb58a3d57442520d2bd3

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
835 B 16ms
16ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

596af34b9720d985e853aa530c096a8c3aac2a7522b666ddf9e25b109540958f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.244:80
AN-X-Request-Uuid: e3e95c14-8c6f-467b-bd22-033cc8e20732
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 17ms
17ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.152:80
AN-X-Request-Uuid: 6d02d095-a67b-445f-800f-d07e49cedb72
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 28ms
27ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787238889
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 105ms
105ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:13:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787238889&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 24ms
23ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 91e9dadde6b17dba28e53d1a44fe16bf2643c4766744a720d1652155a6aa31e2

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
834 B 15ms
15ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c1ae771d7c611b6b2dd61ef59ee37f4bbaefe6ba451d5d2896aa2200e9060a00

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.150:80
AN-X-Request-Uuid: c1aa5858-5028-4c87-a891-b149f8727eca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 45ms
45ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 78b500e90f6cb61ee33b089466a0e81b896c7ee3b7ee5418a721543a2ae09f5e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:58 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 99ms
99ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:58 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.155:80
AN-X-Request-Uuid: b8c4d27a-5753-463f-bd69-8fc3e34d4cee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 31ms
31ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787238995
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:59 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787238996&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:59 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 16ms
16ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:59 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.137:80
AN-X-Request-Uuid: 586067f6-fe0e-4795-960c-5815357342e7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 93ms
93ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

778aadbbceff9922f947f84c190dbb37cd96b5fda1fa2b2857ff4ffa10878bf2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:59 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.53:80
AN-X-Request-Uuid: aab3a8d7-bced-4ff5-b4b9-62dae38d4cd3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 34ms
34ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4971d648fef578e538300acd671c33074d6fcb313f4ba91da9c889f8a1b08b58

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:59 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 27ms
27ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ab91a6fa88858bb3f4145297331d851d26bbeed7cb6470e12ba36324add0d185

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:59 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 83ms
83ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787239096
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:59 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787239097&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:13:59 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
868 B 17ms
16ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:59 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.80:80
AN-X-Request-Uuid: 3eca5528-e83b-4c40-92e7-d0b737f58c0f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 29ms
28ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c915af6900dc5929f282dcaed409730e67d50a168d5424910261aeb942e41076

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:59 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
990 B 17ms
16ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8a7f70493e85d28087c4402ac8b6aacf9ecdf64c9176efc449a8a761d937fcee

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:13:59 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.15:80
AN-X-Request-Uuid: 740ae2bb-5f5b-4521-a3a0-9449cdf894a5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 27ms
26ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c0f07509eb4f7c129bc5295c1fce5eed96e97081d99b235ea754c5ac1679edaa

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:13:59 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 222ms
221ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=8bf77dd9-cfe2-4327-8960-d73a4590c631
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: 1363b931b7a77af8d43b02884f6e2c39c52d0c7c8a02b21ec2c81c38456f9f40

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:14:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 223ms
222ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=c0b97a89-f683-479d-afab-36e784ab08e8
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:14:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 222ms
222ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=c0b97a89-f683-479d-afab-36e784ab08e8
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:14:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 103ms
103ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:14:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
933 B 17ms
16ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787241596

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:01 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.53:80
AN-X-Request-Uuid: 8b36d218-78ce-4409-b68c-8f622c277bae
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 18ms
17ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787241596

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:01 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.152:80
AN-X-Request-Uuid: 9f0baf46-3284-495c-abef-c95320792613
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
104ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787241597&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 29ms
29ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:01 GMT
X-SpotX-Timing-Transform: 0.000756
X-SpotX-Timing-SpotMarket: 0.006179
X-SpotX-Timing-Page-Mux: 0.001889
X-SpotX-Timing-Page-Require: 0.000551
X-fe: 065
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000005
X-SpotX-Timing-Page: 0.012316
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000524
Last-Modified: Fri, 04 Jun 2021 06:14:01 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006179
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002393
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000018
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
385 B 23ms
23ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6c84fcc5e8816b7cddd8eb995e8312b100a075b806201a4fde392191e77d5c8a

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:01 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 25ms
25ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 19ms
19ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 37ms
37ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3f1024b530219168976723a0cc68259ff570b91807366c59ea5cd6a365889c12

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:01 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 27ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:01 GMT
X-SpotX-Timing-Transform: 0.000910
X-SpotX-Timing-SpotMarket: 0.005403
X-SpotX-Timing-Page-Mux: 0.001006
X-SpotX-Timing-Page-Require: 0.000395
X-fe: 063
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page: 0.011292
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000446
Last-Modified: Fri, 04 Jun 2021 06:14:01 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005403
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003112
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 83ms
83ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWYxMmE4MzEwLTJkMjQtNGYwOS1iNDY0LWNkY2I4ZjI4Y2MxMw%3D%3D&pt=net&stid=eeaf8543-9d4e-4b84-8348-53c01c3bda56&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
117ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787241689&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 17C2 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:01 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:01 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7324 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:01 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1F7D 575 KB
188 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116348
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 17C2 44 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 17C2 107 B
165 B 28ms
28ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9277 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116348
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7324 44 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7324 107 B
165 B 27ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3B57 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1161
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B113 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1161
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1F7D 156 B
287 B 187ms
186ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2799352505530786&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2183157649&sdk_apis=2%2C8&sid=F811D8B6-B6B9-47BE-88E1-51A3DA62AC43&eid=44742277&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787241927&cookie_enabled=1&scor=3475986855924932&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9277 156 B
287 B 171ms
170ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2035810955081174&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3587609979&sdk_apis=2%2C8&sid=62888829-1D5B-45DE-869C-5C28486D3998&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787241931&cookie_enabled=1&scor=2943483044781768&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
933 B 33ms
31ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787242134

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:02 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.43:80
AN-X-Request-Uuid: 970a9214-2481-41dc-8a2b-299e1cc0845d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
933 B 27ms
26ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787242135

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:02 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.40:80
AN-X-Request-Uuid: 2e7c6c79-1523-4164-93a9-ec1a097d3363
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787242137&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 29ms
28ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0324ded356c942dd4055427d82788086bf7fc391225994d5f61bc0f0a91a83d4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 26ms
26ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 95ms
95ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWZjNDE1MTJmLTQ3ZWMtNDk5Zi05ZWJiLTc4NDA0ZjQ0NWFhMA%3D%3D&pt=net&stid=2120e26d-4a57-456f-8783-416807c5b846&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 39ms
39ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 78c42b32681d0ed2c4751ac49b8a6c2b44681a4be55c8308bd3bb0157881e37b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 26ms
25ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 29ms
28ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:02 GMT
X-SpotX-Timing-Transform: 0.000299
X-SpotX-Timing-SpotMarket: 0.004761
X-SpotX-Timing-Page-Mux: 0.000967
X-SpotX-Timing-Page-Require: 0.000312
X-fe: 074
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.012709
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000355
Last-Modified: Fri, 04 Jun 2021 06:14:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004761
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.006001
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 25ms
25ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:02 GMT
X-SpotX-Timing-Transform: 0.000283
X-SpotX-Timing-SpotMarket: 0.004327
X-SpotX-Timing-Page-Mux: 0.000834
X-SpotX-Timing-Page-Require: 0.000282
X-fe: 083
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008861
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000255
Last-Modified: Fri, 04 Jun 2021 06:14:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004327
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002868
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787242255&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D94F 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:02 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8A1D 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:02 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0110 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116349
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D94F 44 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:02 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D94F 107 B
122 B 30ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EE03 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116349
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8A1D 44 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:02 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8A1D 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DF1F 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1162
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2852 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1162
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0110 156 B
145 B 179ms
179ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=600218543207672&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4275458296&sdk_apis=2%2C8&sid=4C2CCB23-594F-4F33-BDB6-32645A4C4980&eid=44726389&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787242575&cookie_enabled=1&scor=642991167911812&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame EE03 156 B
145 B 182ms
182ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2328253826977931&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2317486991&sdk_apis=2%2C8&sid=ECA47166-59E1-4131-80B0-42D8A7FC84CF&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787242584&cookie_enabled=1&scor=683468422439803&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 16ms
16ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787242773

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:02 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.253:80
AN-X-Request-Uuid: 30c4c7a9-54b2-4ef4-bdc6-0009823bddbb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 155ms
154ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787242773

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:02 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.149:80
AN-X-Request-Uuid: 05adf0c8-7443-4122-8665-3a79e339699f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787242774&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 94ms
94ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTk4ZWJhZGZhLTc0MDYtNGUxZS05ZGY5LTRlY2UyNzNiMDNiMA%3D%3D&pt=net&stid=2a7fee9e-a984-4784-a291-90303ed2cc67&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 22ms
21ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 25ms
25ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:02 GMT
X-SpotX-Timing-Transform: 0.000345
X-SpotX-Timing-SpotMarket: 0.004864
X-SpotX-Timing-Page-Mux: 0.001077
X-SpotX-Timing-Page-Require: 0.000411
X-fe: 034
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.009771
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000324
Last-Modified: Fri, 04 Jun 2021 06:14:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004864
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002732
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 37ms
37ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 897d6471eff0566a2037d50cf6b67bd8cfc9a76f9ee23bb9ddea8ed11eb74515

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 23ms
23ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:02 GMT
X-SpotX-Timing-Transform: 0.000271
X-SpotX-Timing-SpotMarket: 0.003723
X-SpotX-Timing-Page-Mux: 0.000954
X-SpotX-Timing-Page-Require: 0.000366
X-fe: 086
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008134
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000291
Last-Modified: Fri, 04 Jun 2021 06:14:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003723
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002509
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000018
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 19ms
18ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 27ms
27ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 75355c4185c7ffb6e1b0e1cdb6ad0ffb9cb4503d0ae76dc06c2bf5b8a917c564

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787242929&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 132ms
132ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:14:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1DAB 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:02 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6768 338 KB
116 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:02 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D7C4 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116350
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1DAB 44 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:03 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1DAB 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5ECA 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116350
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6768 44 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:03 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6768 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1693 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0FBE 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D7C4 156 B
143 B 197ms
196ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4389217937390761&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1981209409&sdk_apis=2%2C8&sid=77FA739B-8416-4D8E-ACFC-D8E2FEF69A05&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787243156&cookie_enabled=1&scor=2379443147803665&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5ECA 156 B
143 B 308ms
308ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3802907593963978&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4045352411&sdk_apis=2%2C8&sid=DB4FA20E-3822-4211-B425-4575F0A9CB9F&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787243161&cookie_enabled=1&scor=1028061496623787&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 22ms
22ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787243475

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:03 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.244:80
AN-X-Request-Uuid: 5e66c8bc-3b18-4304-a01c-3040a8d2aae2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
933 B 113ms
113ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787243475

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:03 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid: 4043984b-8588-4a67-8b43-ab864ad25836
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
104ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787243476&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 27ms
26ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fbd39dbfbe1d728ea2ab4d90786d2079869290f62825d82a55c920d52cbc4327

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 22ms
22ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 52ms
52ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f279fdffc25bcd2487f3b1b618e07e59e3bca85ec1ff80ded34f786d98184c6d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 23ms
23ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 105ms
105ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWNkZTdlMTEzLTk4MWYtNGFjYi1hMTkwLTFmNTFhNDBjN2I4YQ%3D%3D&pt=net&stid=4da29f1d-b6af-4d0c-8f6f-75e672ae97ca&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:03 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 27ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:03 GMT
X-SpotX-Timing-Transform: 0.000319
X-SpotX-Timing-SpotMarket: 0.006811
X-SpotX-Timing-Page-Mux: 0.001123
X-SpotX-Timing-Page-Require: 0.000433
X-fe: 013
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.011666
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000365
Last-Modified: Fri, 04 Jun 2021 06:14:03 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006811
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002596
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000016
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 23ms
23ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:03 GMT
X-SpotX-Timing-Transform: 0.000269
X-SpotX-Timing-SpotMarket: 0.004048
X-SpotX-Timing-Page-Mux: 0.000897
X-SpotX-Timing-Page-Require: 0.000265
X-fe: 138
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008293
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000231
Last-Modified: Fri, 04 Jun 2021 06:14:03 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004048
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002572
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 111ms
110ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787243590&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7182 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:03 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 58C0 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:03 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 190E 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116350
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7182 44 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7182 107 B
165 B 29ms
26ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 80B8 575 KB
188 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116350
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 58C0 44 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 58C0 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8E7E 36 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2993 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 190E 156 B
287 B 189ms
189ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=558690707074080&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=301788202&sdk_apis=2%2C8&sid=216517D7-E66A-4A1F-80C9-D87594213B2B&eid=44725355%2C44736152&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787243939&cookie_enabled=1&scor=1400934996445236&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 80B8 156 B
287 B 244ms
244ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4012402314286456&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=309823704&sdk_apis=2%2C8&sid=F011B52B-2159-4D2C-8401-085A6EA7BF6D&eid=44730612&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787243957&cookie_enabled=1&scor=2363749014995003&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 110ms
110ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 44ms
18ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787244183
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787244184&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=request&cb=1622787244184&asid=5f4f9c3d23b3f315675708b0&ofpr=0.5&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
869 B 17ms
17ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.244:80
AN-X-Request-Uuid: 2b524545-5289-4c8f-819b-483c3a0604b3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 30ms
30ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6db7a26b08d92a7419416615bbaf5c171defd874a43904895242c3190ff2175f

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 32ms
32ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 311a0f569f4066f63d2744cc321aa8c2daf5f713cd8568d0f8d64a00d142f7c9

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
869 B 23ms
23ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.206:80
AN-X-Request-Uuid: 0b09a5b7-4678-414b-b569-6839d4d03b55
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
990 B 18ms
18ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

94aa760eb07cf77b0539489ff0cd53ce255b57c17bc0d11cbda5dfe52e894fe4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid: 864f08e6-133b-4156-a5dd-0a85bd0e8634
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 16ms
16ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787244210

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.243:80
AN-X-Request-Uuid: 122c5e2e-9779-41a6-929e-667ed9e7ef15
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
932 B 17ms
16ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787244210

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.9:80
AN-X-Request-Uuid: 02c726ad-5431-4fbb-96ed-d8ba2b9d8eac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
101ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787244211&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 28ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:04 GMT
X-SpotX-Timing-Transform: 0.000317
X-SpotX-Timing-SpotMarket: 0.005881
X-SpotX-Timing-Page-Mux: 0.001587
X-SpotX-Timing-Page-Require: 0.000349
X-fe: 008
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.011777
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000290
Last-Modified: Fri, 04 Jun 2021 06:14:04 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005881
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003337
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 114ms
113ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTEyZjIwNGUyLWJmZDctNDA1OS04ZWI2LThjZGNhOGQ2Y2Y2OA%3D%3D&pt=net&stid=e9cc11cc-61c3-4060-b6b8-435296e5d9f3&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 37ms
37ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a2f97aa0fa7d4e6f3c3cd6a33401aabe05f161a30c411ca8eee5679b2cd17d86

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
387 B 37ms
37ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4b7ee9e4f2ae9c3204f143602a0a3d9c7ba95d67cf69fd6ad6aec06824629601

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 20ms
19ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 23ms
23ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 27ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:04 GMT
X-SpotX-Timing-Transform: 0.000314
X-SpotX-Timing-SpotMarket: 0.006636
X-SpotX-Timing-Page-Mux: 0.000949
X-SpotX-Timing-Page-Require: 0.000326
X-fe: 095
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page: 0.011343
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000365
Last-Modified: Fri, 04 Jun 2021 06:14:04 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006636
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002737
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 32ms
32ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787244231
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787244232&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 25ms
25ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c99e85ef2caf3060f4e9fdfc0e2deb2e4ca3b1b21189e4648b3696190cc2e802

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 34ms
33ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d227ce43eeeab767d987a3ca998aeda5eafe94ca067603b6496834afe1fea87d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.79:80
AN-X-Request-Uuid: f50e08be-38ab-4cf1-9a2d-f738e433d9d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 186 B
387 B 116ms
116ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7b1842b81a7710de1d50dd5dc74ca1f129d0ee3594945ad3beb42ee196900169

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 43ms
43ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

24cf8320fb397268c97ce70195b927a1e772ad26fc927e54d0dfa44faa19f963

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.211:80
AN-X-Request-Uuid: 0f564013-26dd-42e2-a975-3e579b67e4cd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 110 B
886 B 229ms
229ms XHR
application/json 111.65.249.226
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_aid=cji599zdy7vhcdc8.1622787229.des&orig_aid=cji599zdy7vhcdc8.1622787229.des&myvne_user_id=0
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.226 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5498c97ef258d3703a0d206ef1a06404e928092a5869309ff52123a91051c993

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 06:14:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Jun 2021 13:14:04 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787244519&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 29ms
29ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787244535
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787244535&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 27ms
27ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 23292e15a94006a585a5b60337614c0f3afabdb7496828f7c01d70b5251fe948

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 85ms
85ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d2def00881d35e71767fffbae26c1347a3d3f4c0de08370e2889cbb5edafcb9c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
991 B 15ms
15ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

914c16946848dece98ded74c05e97db0e32ccf0a33134968e90fa447434d080a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.204:80
AN-X-Request-Uuid: 425c887f-3a97-4a37-928b-1b91ca094544
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
869 B 17ms
16ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid: e9ab0350-4c13-4f15-a71a-24b79da84894
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8E14 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:04 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C2DB 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:04 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1656 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116351
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C2DB 44 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:04 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C2DB 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EC25 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116351
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8E14 44 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:04 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8E14 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 vast2 Show response
tag.targeting.unrulymedia.com/rmp/212158/0/ 168 B
377 B 22ms
19ms XHR
application/xml 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622787232&cbb=2787244667
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
server: Tengine
content-type: application/xml
access-control-allow-origin: https://vnexpress.net
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 168

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 105ms
104ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36886&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=6606732165&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787244667&asid=603f3845a58ab3069815987b%2C5f0e87a3db73b9083a397ae5%2C6050a53041a04e37862d1575%2C603f4143d8cb955a43024a76%2C5f310027fc32916fcd7c5765&ofpr=1%2C%2C1.5%2C1%2C1.5&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
868 B 26ms
26ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.77:80
AN-X-Request-Uuid: c4c0fcc9-f865-4460-ab9a-267915760a75
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 25ms
24ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 38899fa191d4d1ffd01b37a42b266cf6f6602715f81c6d33579a9b6d8d93e4e1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
990 B 15ms
15ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fe62b083158d8f9ec7f6366a765097a8b69dd1a44be83c4e152bd955f89ef192

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid: d9e3e97c-658e-44e3-b3dc-d975e78ca030
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 32ms
31ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f262a30ffecaebe042e8f946ce032ecc8b270f34c0e2b41b8719ebbb21200aa4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9BC8 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1164
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9793 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1164
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 21 KB
4 KB 116ms
116ms XHR
application/json 35.171.145.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&AV_CHANNELID=5ea26963e792ea55c7264da7&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=232055&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1622787244717&tiv=W1tbImRpc3BsYXlJbXByZXNzaW9uRnJhdWQiLCIwLjYyNjAxMzMzMTI2ODEyMzMxIl0sWyIiLDBdLFsiIiwwXV1d
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-49.compute-1.amazonaws.com
Software: /
Resource Hash: ef72d6f04a38731b15b724780eda2df7e91ea7f319c961c4cbc75742f2fa9c95

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 23 May 2021 16:27:24 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1656 156 B
145 B 178ms
178ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=762488223385914&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2466647103&sdk_apis=2%2C8&sid=0C3A6AC3-E16C-400A-823F-A5F76C9DEE56&eid=44712632&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787244804&cookie_enabled=1&scor=4379205835226838&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame EC25 156 B
146 B 194ms
194ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4303365000099380&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3308733228&sdk_apis=2%2C8&sid=6A75A89B-9A0C-4F5E-98D5-8289FD894C8C&eid=44730465&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787244810&cookie_enabled=1&scor=2084035854208440&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=49387&t=1622787244&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787244767-943462658722-025749-003-002961&cha=0.05&cb=7647620803&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787244835&asid=603f3845a58ab3069815987b%2C6050a53041a04e37862d1575&ofpr=1%2C1.5&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
385 B 20ms
20ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 943d70459e01727f3cbba30fc4575809b208a3a1401b34b558eb8c1ca821d005

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
868 B 16ms
16ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid: 6476099c-4a49-4dfc-a926-c2a0cb9101df
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=49387&t=1622787244&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622787244767-943462658722-025749-003-002961&cha=0.05&cb=7647620803&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622787244861&asid=603f3845a58ab3069815987b%2C6050a53041a04e37862d1575&ofpr=1%2C1.5&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
869 B 17ms
17ms XHR
application/json 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.211:80
AN-X-Request-Uuid: 80b717d2-b68c-4b4c-9c77-16ef281cc240
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
386 B 22ms
22ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 97ad9ea52372002ccc53f2aa11079b9c7297bcd5d989be097ec016313ce47287

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 105ms
105ms XHR
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 06:14:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 18ms
17ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787245011

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:05 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.242:80
AN-X-Request-Uuid: ae92a54c-6ac2-4a3c-87e3-34a7ab7c81ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
934 B 17ms
17ms XHR
application/xml 37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2787245012

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 06:14:05 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.206:80
AN-X-Request-Uuid: 05154e7d-206c-4f88-a3fc-2160ac88b52d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
99ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622787245013&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 32ms
31ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
385 B 34ms
33ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0739e9f54e6435ca1356242dadb59d92ef3a61b7d0477740421af4ccd702dda6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 98ms
98ms XHR
application/json 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTVjMjMzZWM2LWMxMGUtNDdkYi1iMDJmLTAwMmY1OTE2MGEwNQ%3D%3D&pt=net&stid=6063a7ab-859c-44df-83c1-06d498aa7cfb&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 27ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:05 GMT
X-SpotX-Timing-Transform: 0.000319
X-SpotX-Timing-SpotMarket: 0.004895
X-SpotX-Timing-Page-Mux: 0.002006
X-SpotX-Timing-Page-Require: 0.000376
X-fe: 040
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.010340
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000346
Last-Modified: Fri, 04 Jun 2021 06:14:05 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004895
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002377
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000017
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 27ms
27ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 06:14:05 GMT
X-SpotX-Timing-Transform: 0.001166
X-SpotX-Timing-SpotMarket: 0.006333
X-SpotX-Timing-Page-Mux: 0.001004
X-SpotX-Timing-Page-Require: 0.000418
X-fe: 060
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page: 0.011768
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000353
Last-Modified: Fri, 04 Jun 2021 06:14:05 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006333
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002476
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 27ms
26ms XHR
application/json 52.29.156.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.156.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-156-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fe34792ea8ba0ae4857c81c1ae6509243b9c1b489ce9e2fb27f781a310d744a1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 23ms
23ms XHR
application/json 18.193.42.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 track
track1.aniview.com/ 0
70 B 100ms
100ms Image
text/plain 54.91.110.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=39745&t=1622787232&cip=89.249.64.171&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622787232412-992337078722-007368-009-000140&cha=0.7&cb=67687019224&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622787245118&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.110.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-110-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 43D5 338 KB
116 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:05 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0147 338 KB
116 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:05 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 139B 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116352
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 43D5 44 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:05 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 43D5 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2CDC 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:54:53 GMT
expires: Thu, 02 Jun 2022 21:54:53 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 116352
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0147 44 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:14:05 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0147 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 42EC 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1165
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7483 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 05:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1165
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 139B 156 B
145 B 299ms
299ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3614913607451383&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3308733228&sdk_apis=2%2C8&sid=01211D7B-CCD5-4E5F-97B8-AF67AFBB87FB&eid=44736153&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787245375&cookie_enabled=1&scor=247006168340819&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2CDC 156 B
145 B 234ms
234ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2131616909093843&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2466647103&sdk_apis=2%2C8&sid=619753B8-42EE-4743-A67A-B6E3B520BA2D&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622787245389&cookie_enabled=1&scor=3602728581368496&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 06:14:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 227ms
227ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=f3bc9676-fcdc-43e9-9ef5-4a7144c76228
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: 3b423ed9a58b66356d669553c47ee2e44a1c531fdb08870bf6d9f1e1cba4264b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:14:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 227ms
227ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=c0b97a89-f683-479d-afab-36e784ab08e8
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:14:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

GET
H/1.1 200
OK sync_user Show response
octopus-stream01-cads.fpt.vn/analytics/ 51 B
416 B 226ms
226ms XHR
application/json 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=c0b97a89-f683-479d-afab-36e784ab08e8
Requested by: Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash: dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://vnexpress.net
Date: Fri, 04 Jun 2021 06:14:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Content-Length: 51
Content-Type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.eclick.vn
URL: https://s.eclick.vn/delivery/eclick.js

Domain: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/dfpbrand.js

Domain: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Domain: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js

Domain: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1733/v3/production/blocks/site/1000000.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: logperf.vnexpress.net
URL: https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1622787180000&timecookie=&timeclient=1622805228000

Domain: ureka-d.openx.net
URL: https://ureka-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvnexpress.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d6db4cbe-9b60-4fc8-859e-206edad60cd2%2C30e64da8-6e8a-4d85-8ff9-0b4a5411c25d%2Cbd692ae5-f79b-45f3-ad4c-78371b3c03a3%2Cd7a545b5-475f-43bd-9d70-8d5b36b34e62%2C147bf4f0-d369-43cb-afa5-8728fddc2aea%2C0a7f802f-f7fb-458d-a1cd-716c0156af2c%2Cb909b4b3-8e6e-4d93-b5f6-6ba7346a959e%2Cb4f6d43c-444d-467b-9676-9f1889e2dec5&nocache=1622787230641&aus=1920x270%2C970x250%7C300x250%2C300x600%7C300x250%7C300x250%2C300x600%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250&divIds=%252F27973503%252FOV.Vnexpress%252FDesktop%252FMasthead%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge1%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge2%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge3%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage1%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage2%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage3%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage4%252FHome&auid=541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

388 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js(Line 29) Message: -- ATM info -- Performance check: 913.80615234375 ms
console-api	log	URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19) Message: /27973503/OV.Vnexpress/Desktop/Richmedia/Home is Empty: false
console-api	log	URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19) Message: /27973503/OV.Vnexpress/Desktop/Large2/Home is Empty: false
console-api	log	URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19) Message: /27973503/OV.Vnexpress/Desktop/Masthead/Home is Empty: false
console-api	log	URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19) Message: /27973503/OV.Vnexpress/Desktop/Large1/Home is Empty: false
console-api	info	URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105242203000 https://vnexpress.net/
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 08:13:53.039 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 08:13:53.040 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9a764399024fdc78cc2fffc302774acb.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
acds.prod.vidible.tv
ad.360yield.com
ad.turn.com
ad4m.at
adp.vnecdn.net
ads.adaptv.advertising.com
ads.adpone.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
adx.adform.net
ae13331e079e874449f5596ea7cebb9a.safeframe.googlesyndication.com
ajax.googleapis.com
analytics.google.com
api.ipify.org
aud.pubmatic.com
bd.urekamedia.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.connectad.io
cdn.fuseplatform.net
cdn.hbplatform.com
ced.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
core.polyad.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.rtbsrv.com
dmp.urekamedia.com
dsp.adfarm1.adition.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-ads.adpone.com
eu-u.openx.net
eus.rubiconproject.com
fb9e644e8c5fa263001b3766fbf094e3.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
g.eclick.vn
go1.aniview.com
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
gw.vnexpress.net
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
la.vnecdn.net
la2.vnecdn.net
loada.exelator.com
loadm.exelator.com
logperf.vnexpress.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mc.yandex.com
mc.yandex.ru
mwzeom.zeotap.com
octopus-stream01-cads.fpt.vn
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.moatads.com
rtb.adpone.com
rtb.adxpremium.services
rtb.gamoshi.io
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.eclick.vn
s.tribalfusion.com
s.vnecdn.net
s0.2mdn.net
s1.vnecdn.net
s1cdn.vnecdn.net
scdn.eclick.vn
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
solution.urekamedia.com
static.criteo.net
static.eclick.vn
stats.g.doubleclick.net
storage.googleapis.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
trk.vidible.tv
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
ureka-d.openx.net
us-u.openx.net
user-sync.adxpremium.services
usi-saas.vnexpress.net
vcdn1-giaitri.vnecdn.net
vcdn1-kinhdoanh.vnecdn.net
vcdn1-suckhoe.vnecdn.net
vcdn1-vnexpress.vnecdn.net
visitor.fiftyt.com
vnexpress.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.vnexpress.net
x.bidswitch.net
z.moatads.com
logperf.vnexpress.net
s.eclick.vn
s1.vnecdn.net
securepubads.g.doubleclick.net
um.simpli.fi
ureka-d.openx.net
www.google-analytics.com
www.googletagmanager.com
1.55.119.34
103.132.192.30
104.111.230.142
111.65.248.197
111.65.248.227
111.65.249.130
111.65.249.131
111.65.249.225
111.65.249.226
111.65.250.2
111.65.251.2
125.212.217.46
13.58.174.102
142.250.185.130
142.250.186.66
151.101.113.108
151.101.114.49
162.55.6.210
178.162.133.149
178.250.2.131
178.250.2.151
178.62.202.251
18.193.42.157
18.197.47.23
18.198.126.47
18.198.69.109
180.148.129.21
180.148.132.197
180.148.132.75
180.148.141.233
185.29.133.58
185.33.221.52
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.87
185.94.180.123
185.94.180.126
193.122.130.38
198.148.27.139
199.232.137.44
2.16.186.113
2.18.233.180
2.18.235.40
2001:678:cb4:bbbb::11
213.155.156.166
213.19.147.43
213.19.147.44
213.19.147.45
23.21.224.49
2600:1901:0:14e5::
2600:1901:0:98f7::
2606:4700:10::6816:1857
2606:4700:10::6816:36ce
2606:4700:20::681a:b19
2606:4700:20::681a:bd1
2606:4700:3030::ac43:a1fd
2606:4700:3037::6815:18da
2606:4700::6812:c05
2606:4700:e6::ac40:c319
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::200e
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:803::2006
2a00:1450:4001:803::2010
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9a
2a00:1450:400c:c08::9c
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:28a::2c79
2a02:6b8::1:119
2a02:fa8:8806:16::1370
2a0b:4d07:101::1
2a0b:4d07:102::1
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.126.56.137
34.98.107.212
34.98.64.218
35.171.145.49
35.201.96.126
35.227.252.103
37.157.2.236
37.157.6.242
37.252.172.36
5.178.65.245
51.210.112.63
51.89.9.253
52.1.101.77
52.17.151.21
52.18.52.16
52.28.33.202
52.29.156.139
52.48.131.173
52.49.40.147
52.57.141.238
52.58.102.227
54.91.110.216
62.149.0.72
66.155.71.149
69.173.144.139
72.251.241.204
76.223.111.131
77.243.60.138
85.114.159.93
94.23.73.243
00929a0dae59d90a6b2e1d31b9bd351d610298753183bd111ead6b16de89b340
00ea80e2ca6dd49a2e8a13bd6b8827d39858bd1cfa874ce39bff75e8ce80b986
00f8e70e5cca0acf651b7015decad2f6cffcaa252fec8ede2c28aa50eac2e3dc
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231
0324ded356c942dd4055427d82788086bf7fc391225994d5f61bc0f0a91a83d4
063f9379e091c03bcf095b3dfab7429737dd1e46eb98ed9c597bb4cd7df731d0
06cc3d19bf2b158e26fb13dc2d0e5459ade5762868b0d4b5ddac3cbbe2a882f4
0739e9f54e6435ca1356242dadb59d92ef3a61b7d0477740421af4ccd702dda6
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
099c706399240a4769a6a0736871c17af6e5276ff25608fec6136bc87e6d804b
09cfecd1d412733f90e2f18a56072aa9ec222cf0669271d4bdf6b90d0687eb87
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c84cf92322d1cced22a12ae95bb96fb0758c950f9fde7476934ec5915787005
119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
12773f802ed6ef312ce274f075ffea027ebc92845ca3b9ace811820806ad6353
12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768
1363b931b7a77af8d43b02884f6e2c39c52d0c7c8a02b21ec2c81c38456f9f40
13791f74085348e02137240ad8a3fa0f5b85c92c2b04867b064f2e8bda4733a0
1406d6721214263c0df42d8a2be9ec16531dacc36403dc3054997ea856dabab7
14ec0fdecdcf147cba1354c6eccec7908d10a3b44b87c6bdbbd6267b9e5bdb8e
1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0
16d6cac734ab48ecb1eec6cb659721f8a10196eadf2dd95f61f15db5c38d85e1
17faf53fa26619c4dcf15708517a439fcda2f78ddafe2189a1a13191d69f0795
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e
1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924
20545f62cacc3e3a80a10dd401ced245992723f2484975f3c8423524bd4ba8fe
2158f6295fd6de1f85e8230b955e5707d717af210d28722ba3f194e9a07f5b12
225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2
23292e15a94006a585a5b60337614c0f3afabdb7496828f7c01d70b5251fe948
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d
248f29128b27be9e2f3e75b6fb4cbac6b850561a675848f3dc5e85a41d202dae
24cf8320fb397268c97ce70195b927a1e772ad26fc927e54d0dfa44faa19f963
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
25352926b5c64cad67d81343ab4569d4c848a2a7e887c004348b1c3d66fc198f
25655740127e9b01b0e3702f6761f86273f17fa2580a3ce7c737402602b27d96
25d92c816baee223df1fc4f7f23b40e96e897474f0c28457d5ce7b93ba1da18b
26b28166f6f833af30f08f6532f8b26061a2a733c5e668b1f715801f64962a28
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
279fdbcafd4189a297decd414a82f611026e66394440456b17214652d03e9f85
28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5
291586dcbfa372a7d476a30b58f5233a78cb2e3146aca09d6d1d615df0eb1e9e
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f03a746457e8bb4430fa50f70da7360534fb946584602a9081228fbc2b18281
311a0f569f4066f63d2744cc321aa8c2daf5f713cd8568d0f8d64a00d142f7c9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37b7324800833a23e9a2555603ab5da524f2e70788aa4c79fdbd34d7fd7e7797
38899fa191d4d1ffd01b37a42b266cf6f6602715f81c6d33579a9b6d8d93e4e1
3acb670729090c5673d274d03b979875e167e55c4854c248fa5dd30217cb9a2d
3b423ed9a58b66356d669553c47ee2e44a1c531fdb08870bf6d9f1e1cba4264b
3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6
3d328cd7ebbe23e1e374ed449d6f332d9f179600b2a1defa08245a0d0aa6aef1
3d5ad6769c55230692f65960461804cc514aa9fb3537e9e0e0c8cac230360f16
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1024b530219168976723a0cc68259ff570b91807366c59ea5cd6a365889c12
3f5e7fd2bfca920e7b07f4d5e62d28dc83d793c49bfff13bc0bbf17ce2873018
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407ee65fb36e344a9ce0f297b0165f0968d58e021f8294cd75ea4c67449de548
4097fbad0ebe3ead85ac2539732707c4e8428b6cabd16390d4bed98938a6fa07
409ed122e752c723ec625157d86183a8cc7727a794252aba803c11389be47009
41236151b4b86d0524124513a83612ab4fca5af59ac0b5e9e7640a4976778350
42167ae5105bd2d78308edd99849d57fdc4e0efc213f67b6eeab341ccfbf139a
434762a76dfd6af3bdeeb1f2de8dad923633467deb93e7c15ac71cd87e5b99df
448bbb82769ac61ff51ab6584fce6baf1cd44e60927c21a35106b2fb8c48475b
45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43
464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba
472c14b69dab114052924354027353019f4c1e5372c1c28be768be17b227192e
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47f377c3555535581c28d43c044f2b5395b53273142b865b7f1e1fc0dc4e17c9
489a4bc87a34468a78ae982263ae283b8c38ba1c69701936652e89332cab50f0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c377ef6dbd2121079d1e52a65247920e23af449e1eeb5e31fd47c89284281e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4971d648fef578e538300acd671c33074d6fcb313f4ba91da9c889f8a1b08b58
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
4b7ee9e4f2ae9c3204f143602a0a3d9c7ba95d67cf69fd6ad6aec06824629601
4b9567f947e6f537c8c6858b78d5f31598d63aeb8e9013709494ce3a22fca803
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
50f279761c523938ab4343556f143bb1ac4bd3874aa2c4e95b6d3b4ae5f5fab6
520be604b0799a1d9774251af08ebf9ca298190249c7a18b2e143ac91c42a042
52c93e3062d05ac961d93f0dcb33e826673778109ee29bb1c3ec82e3ccddcde3
535c661e9e7b6517b3c3d838e651ba0898f5ce2b412f30ed16c8a00dcf84e4f4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5498c97ef258d3703a0d206ef1a06404e928092a5869309ff52123a91051c993
5585dbeee1a15ae8e61c0d7696c4a6adb5199c78f406853c6f6697c76161bff7
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57b34107b8f7999e55b91489c92d84cb8b966dc48efaf173ea6e3333b39ef1c9
5879b9b8a15704aa88a2bf10320cc5031338100722ac5b9b9ac16577bae396bd
596af34b9720d985e853aa530c096a8c3aac2a7522b666ddf9e25b109540958f
5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7
5aaeb6f4c4f7230ab91a60ada0a703c7ddd8acd234014639875b5997b16f3ac6
5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1
5c3543eccad76ab8cfeddcc781e142c4d479485be7e6def4b641f55a74c35a75
5d3b1e91595e00d961f95eee4229b527cb8790f1e5718734ea0c85ffb69471cd
5de71115bac3f1f758eca422464fe879efcdbb719a3f31e16bc1d35da143ac67
5e03689add956a112f219f00ef02a806897e0198c63cfab0899cc02778a45978
60bf0c88c6571057e5b800e3ce88a44a0f57cdc05dc56d214afad636db7a1d4f
60d6d20e0b165b589f3424d8b4b0f76ca317d2d7d05cc31bba0b3a888daae40a
626bbb4ffad79dc1bb295cefb5cca07ab811e5c79ad9651b72c39561d237bb74
63d4bc54208405a5bf534678441e91b03c03e4b473334e458ef1ecf01134edae
6419c8923bcd1a5e445edcbc8b321f47851f1df786aae1b8a337d75d47c79702
65d8bcd474d5a24c89d8b63b3f71a19134df7bc8d073bdad664968d7da154ef2
665c85693540e618dbef636c5873892cced77211a7fa9f2aa6a1673ed657c5b6
67acfaf924135b067c753e52a504a3a70654c600c315bc6bd28b7354fa692c4d
67daf97ed0938eb20946252831d3466d174194694a33fb58a3d57442520d2bd3
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68d2cc4486c92a0541f96c95d990873464c25dfc943cc9eb573b60b32044f673
693fbd0ab5fc53069137459b79a060d087dc2a1ce0c5e13277297799a38ce621
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba54b0d518a916eb45f571557bc19a2ec243a2f33fa44ea9976b9ee2304266b
6ba9094583d95c7083607ec43702c4ff0171e7e1bb8427a28e43dd754f36c276
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c84fcc5e8816b7cddd8eb995e8312b100a075b806201a4fde392191e77d5c8a
6db7a26b08d92a7419416615bbaf5c171defd874a43904895242c3190ff2175f
6e4a2fc305aea9f7e9c57e7882e06153e90c7db71b6600d98ebb462d08e86c12
6f95aa4d0f7e2770465337f912f435d712d620a0b4458d2c0afb3f1644ca72ba
6fdb0ffdaf37b5ce8c6faa41ae72a586095c09c44a87094c128859ff9234bd9b
713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017
7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
743646567a4f543c24f68edca119af892f59de506a146c3a0e5285181b8d6d75
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
75355c4185c7ffb6e1b0e1cdb6ad0ffb9cb4503d0ae76dc06c2bf5b8a917c564
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
757319d72d19e7b6cb63668eae4b99a71034b21823786c4efce125f8de370b5d
765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d
76a3c7b3170e12de737f05774e3974e2dad68d57f9d7ac9975cf65a557335c44
76cc94c6a75b51234544327a46ed8941f690e1025ea19e0d993d1ce7c6ff74d1
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
778aadbbceff9922f947f84c190dbb37cd96b5fda1fa2b2857ff4ffa10878bf2
782785b02993c8745f53539f5c051691609557d45c31d8c53263de2c1b5ad2a0
78694eea42993409215dd038b586ee86c1e314460b58ca4441f5fda36dedce44
78b500e90f6cb61ee33b089466a0e81b896c7ee3b7ee5418a721543a2ae09f5e
78c42b32681d0ed2c4751ac49b8a6c2b44681a4be55c8308bd3bb0157881e37b
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7ae835aa3ea5b0d70cc0a7a1af1394545e3082cb20ec5e5dd0e87584e61c5cae
7b1842b81a7710de1d50dd5dc74ca1f129d0ee3594945ad3beb42ee196900169
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
81309cd747361ca3e364f13173e7f29b533febe65d486ec2fb630e9e2377c073
82164fb5aefd701319705aaf466529fb2ac1a91e6219bced5c1d02b594efba75
8327b8e8cf877b87688ffc35ac6117b1632c0916e128ee022a8a97a8f53017b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83943b7860887d42283f38d38ba313f207ec1c32b3fd45fd89d08507f17c50bc
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83dc708219d0e02a734559e86e8e26dad6948747698e8166a47c0ae75ab5f0f6
84308a10d38b977773b67c9ea1f6a052e7da47e408e434de8c8550b68da095d5
8435b9186f8d0490a28abc6f549e10535b7641421c977f76978a38096cfecf19
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
86bc59e6e20be0b367afa3772aeecb5d29689c791492b5c7fcfda042eee894a0
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
894d82b7757970f47cb0df1d21a470aba50a19709853ef7d05da5193f664f819
897d6471eff0566a2037d50cf6b67bd8cfc9a76f9ee23bb9ddea8ed11eb74515
8a7f70493e85d28087c4402ac8b6aacf9ecdf64c9176efc449a8a761d937fcee
8aac1b4842c7455242d2d419945f292ac41dbebbdf2e8231c41b289afadd8d5b
8be7368e0f4ce7bc15dcebc8245dddcb9bae48ca2a50178109620ce4f5e4d07d
8c7a721c6c71e4f17f4ddefd50fd1c5d46e81573587424335ec62f7ac97a3705
8cbaaf798e2b671957103ad7f6b17b19e74e568b642d02724ad6840237184b4d
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
90b9506c7db0f2772e09628e1a031886fdfb13b0e115115e92784081bfbf5800
914c16946848dece98ded74c05e97db0e32ccf0a33134968e90fa447434d080a
91e9dadde6b17dba28e53d1a44fe16bf2643c4766744a720d1652155a6aa31e2
92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae
943d70459e01727f3cbba30fc4575809b208a3a1401b34b558eb8c1ca821d005
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
94aa760eb07cf77b0539489ff0cd53ce255b57c17bc0d11cbda5dfe52e894fe4
9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c
974713c15b3acf41b7528dadac6a4d140688a8e8c20acd63cc7a9b4b63f0cc88
97ad9ea52372002ccc53f2aa11079b9c7297bcd5d989be097ec016313ce47287
98299e7fdaea04de37a4a123fd9cef3055d82d786c7d1b31aac0f5d695c81143
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357
9e0b36ec7149545595899bcc63deb3404cb34c030d4571745dee771d87b9a730
a07d82dc523140ad08ee73c1d4b4d3d27d712c7cf2940a6c5c7d971f045cdbe5
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2f97aa0fa7d4e6f3c3cd6a33401aabe05f161a30c411ca8eee5679b2cd17d86
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6fd348793c16aaf8ad37966e528325582aad94ffbe93729bc6ab51fe9c639f5
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaf937454de00625f10f230a2e46a077e5ddb56bf31c1726e4ee402846a2e9e5
ab6f4de5516e5e5005d52c5c6f72cb63cc8fb4fe7cf864b1c9ffa979fbdc22cb
ab91a6fa88858bb3f4145297331d851d26bbeed7cb6470e12ba36324add0d185
aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152
ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
afcc7d4c37f00b942a814738c83a360fc2c247733d10c24aaab3a5c70b5886cc
b0956e10d2aea9078e471dbdef07d31fc46d2ab3117e50daf1165d33b44d4c20
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2105aae1749b665f90ba0927c1a515eb774e50b7cd707f31b2f01851dbb17a4
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b476050bd16f18678b3061ad5e0a1181fce5592005cd9f2e632f97bf677de83a
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
b53395330a1ee3b7643e963a119021bb8f527550b321d4c1e70ded8bf86a0e62
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b845cc761bcdc97fdd5108472145f300a11a6dc6446b1e0edbf293fcf9c25c3c
b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d
b9ea721383ab8b781cf4e134974610fd06f6d4a458cd6f61a19170d681dc3b36
bad8f3f5c56ccff8f84e17cfeb6f423499ff60395f6b944573337604a3c55729
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfab80d791a853415a874777184fa442df7d5f61e4da3171bfb5278e16cc6bf
bec1563922472b83555ebc07a1a592ac72c44e300f6352746eaa91ede53c6720
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
bfd4123ab2a2a83c90fd333cd848570b353105c9764cfdecb729db92849fe21b
c0f07509eb4f7c129bc5295c1fce5eed96e97081d99b235ea754c5ac1679edaa
c1ae771d7c611b6b2dd61ef59ee37f4bbaefe6ba451d5d2896aa2200e9060a00
c24ed4ecefc330034306015d331ef8c362cad5198df653f7e323966e1b329043
c30bff21de7d22fe0c7ad5dd7b4e9ad10516ca004628815b5bcb79853ffa8262
c4ac071df6c8ca689dacea4dddd544692b140c8fa1d5179d00c62300eea8df12
c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c68bcc46dd3611e973e651a6c7dfa131a61468552cee3870c9bf9b207ab1839a
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c915af6900dc5929f282dcaed409730e67d50a168d5424910261aeb942e41076
c99e85ef2caf3060f4e9fdfc0e2deb2e4ca3b1b21189e4648b3696190cc2e802
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8
ccfddad2c1e5a4b2ece79fcef34c00cd5a1c024e252eef7fcf454e7c7027b9b1
cd0696cfeb70e138eb8c3b91789e0ad7999759537d53abc185595e2ae9967645
cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958
cd7f7ccc5bd9430069c8ab0ee21279ef536cd7a6f25f266fec86655468393280
ce4e2f85e3de28b69ec7582d9ae02cfef2caa132ebcd204fa7fe5c5c6af86253
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd8d4e3f8de816bd53eb22bc272ade620d73bfcba29b43f442a386c89ddd1a9
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d227ce43eeeab767d987a3ca998aeda5eafe94ca067603b6496834afe1fea87d
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2def00881d35e71767fffbae26c1347a3d3f4c0de08370e2889cbb5edafcb9c
d35d1f0e85d049eaef03c698a43fb92d5e115e5a3d3fb69b8902a4f10166117b
d54b99754769e4c871583c276d4fae52d6fe493fa188ac09027a9deec6c46c7c
d585d9279e2fcffcb1ef224b9e92ee28b248dad82894f027aca6c27d534f2ae3
d6e3b5703ddd016c902373aed3e30d9532fc56bb712addc7365664d73e02d584
d78142d5636d8f5ffb6028a8e96349a54f69800dc3a1374a34475e9a582e4f04
d7a18af60149d105e1df041653f4306ba534e6d39ec10c1886ee31644e9306a6
d7b5a36d61bc8b3f4da377120e1fcd30b34783b28e49ea71f52355b260aa9485
d8b76096f9968180856a274ebdca6c80e739c4cd8348117934a9135373bd5f68
d95ad409230d1e166e34556896c1f7d07effb57a217c5900fe383931980cd65c
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
da08e3c9ffa013580c65b3b8da2f39f3f866a96408b3df35e7d343d149899847
db231183198cda64eba1c88974c1d7de8b06a44c5a44a119394c402309b1543d
db293bf095eb3b98e595f6d7bd18d7fe5579e9366e79969b0b8b5af5b09df14d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd3d1551228dc80db17a265c182adb8f2b099d1dd733863ce8006c9048fc488e
de4d77c31d4475cfa56f851e82f3854ab73cc359dfc15d5aca21b21d2334ab28
e21fbf331cb5409d1ac2252b62c88ba8f544fa2c6dea037e10c24179257604b6
e2f0479fc8ffb841ef291080ea1303a4dd282142aacd73986ebecb6a8d1d3cfc
e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2
e63c80d00a745ebf3f7461021781c798604a3a9bd97b2ba34139ef8e203af5b0
e7a970ce3a3056ad1ba632654c9009231d98f431c2b4f45c63c98155dcba0539
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ed1393afc9faa8f11f9e44d2e7316ab3d3be0a1241bca9addec882889f09a1f1
ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc
ed87b0dd26c35d91acc05af619eb30a77f9580500ecc6d6cea465c5f2cd1a534
edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef72d6f04a38731b15b724780eda2df7e91ea7f319c961c4cbc75742f2fa9c95
ef80d33e7231024e5de8a7c54421048c15c53032f042c184763b2550fa0b6402
f09769d783a6f6cd0be02b874c4b7fedfbafbc50b7bfc3438725c459cb127961
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f115fba23f6e891e20ffb8649dfd79ae3bb2f132e1762f080eb80d39362cb722
f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca
f262a30ffecaebe042e8f946ce032ecc8b270f34c0e2b41b8719ebbb21200aa4
f279fdffc25bcd2487f3b1b618e07e59e3bca85ec1ff80ded34f786d98184c6d
f4a1f2dfe79b751c36aca5e01379145e3842614d4363b6384267f0b514abd133
f71c45144081e4d0f1cdb4fb35c950905af346fe23c4331cbadd873c471b0f2f
f838a783f1e2c3d9a71f360d449ef72f52a59b4ba07855ca1cd41459bb0cea50
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fbd39dbfbe1d728ea2ab4d90786d2079869290f62825d82a55c920d52cbc4327
fdde09ec902ff630c0ee1f01f78665b4da34a828bf30c70e6dc85cd23cb20fc1
fdef617a43d55e729cf502763d6f83b4db3e916ef26999422227c2564a30c9e6
fe089a44eef9aee80ece8d6836c5fcbd964c16d720aa918a5a0ff0da028416e4
fe34792ea8ba0ae4857c81c1ae6509243b9c1b489ce9e2fb27f781a310d744a1
fe62b083158d8f9ec7f6366a765097a8b69dd1a44be83c4e152bd955f89ef192
fe8eb198a315d2b2646e15b00d02bcb13d98ca5267b5a46744397e8ad07e674e

vnexpress.net Open in urlscan Pro 111.65.250.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

774 Requests

98 %HTTPS

40 %IPv6

78 Domains

152 Subdomains

110 IPs

15 Countries

13324 kBTransfer

36779 kBSize

0 Cookies

46 Outgoing links

Page URL History

Redirected requests

774 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vnexpress.net Open in urlscan Pro
111.65.250.2 Public Scan

Screenshot
Live screenshot

Full Image

774
Requests

98 %
HTTPS

40 %
IPv6

78
Domains

152
Subdomains

110
IPs

15
Countries

13324 kB
Transfer

36779 kB
Size

0
Cookies

774 HTTP transactions
15 data transactions