urlscan.io logo urlscan.io
SecurityTrails logo

vnexpress.net Open in urlscan Pro
111.65.250.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://5wify31.gaku23.info/4Amt
Effective URL: https://vnexpress.net/
Submission: On January 09 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 14 countries across 82 domains to perform 851 HTTP transactions. The main IP is 111.65.250.2, located in Ho Chi Minh City, Viet Nam and belongs to FPTONLINE-AS-VN FPT Online JSC, VN. The main domain is vnexpress.net. The Cisco Umbrella rank of the primary domain is 31636.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 21st 2021. Valid for: a year.
This is the only time vnexpress.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 47.250.41.162 45102 (CNNIC-ALI...)
1 10 111.65.250.2 45894 (FPTONLINE...)
4 2a00:1450:400... 15169 (GOOGLE)
6 111.65.249.130 45894 (FPTONLINE...)
8 2a00:1450:400... 15169 (GOOGLE)
56 2a0b:4d07:101::1 44239 (PROINITY ...)
2 111.65.251.2 45894 (FPTONLINE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 180.148.129.21 45894 (FPTONLINE...)
4 1.55.119.42 18403 (FPT-AS-AP...)
31 142.250.184.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 111.65.249.131 45894 (FPTONLINE...)
1 9 2a00:1450:400... 15169 (GOOGLE)
4 180.148.132.75 45894 (FPTONLINE...)
3 111.65.248.197 45894 (FPTONLINE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 111.65.249.225 45894 (FPTONLINE...)
2 180.148.132.197 45894 (FPTONLINE...)
1 180.148.141.233 45894 (FPTONLINE...)
2 111.65.249.224 45894 (FPTONLINE...)
1 103.132.192.30 138552 (RTBHOUSE-...)
4 185.64.189.112 62713 (AS-PUBMATIC)
1 178.250.0.165 44788 (ASN-CRITE...)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 6 37.252.172.37 29990 (ASN-APPNEX)
1 2 185.94.180.126 35220 (SPOTX-AMS)
9 2a02:2638::3 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 125.212.217.26 7552 (VIETEL-AS...)
27 111.65.251.70 45894 (FPTONLINE...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
24 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 20 2a00:1450:401... 15169 (GOOGLE)
1 185.170.61.211 27381 (CASALE-MEDIA)
36 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::11 44788 (ASN-CRITE...)
9 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
48 34.195.16.202 14618 (AMAZON-AES)
1 178.250.2.148 44788 (ASN-CRITE...)
7 2607:f8b0:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 74.125.71.156 15169 (GOOGLE)
5 178.250.2.135 44788 (ASN-CRITE...)
3 178.250.2.150 44788 (ASN-CRITE...)
2 3.217.20.60 14618 (AMAZON-AES)
2 7 2.18.234.21 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
1 2 52.46.130.91 16509 (AMAZON-02)
6 7 142.250.74.194 15169 (GOOGLE)
2 3 3.33.220.150 16509 (AMAZON-02)
2 11 2620:116:800d... 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 50.16.141.46 14618 (AMAZON-AES)
15 60 2.18.234.233 16625 (AKAMAI-AS)
34 146.20.132.159 27357 (RACKSPACE)
36 213.19.147.43 26120 (RHYTHMONE)
12 147.75.61.140 54825 (PACKET)
12 34.149.20.76 15169 (GOOGLE)
6 142.250.185.162 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
2 3 37.252.172.45 29990 (ASN-APPNEX)
1 54.174.213.70 14618 (AMAZON-AES)
3 185.94.180.124 35220 (SPOTX-AMS)
23 2001:4de0:ac1... 20446 (HIGHWINDS3)
23 151.139.128.11 20446 (HIGHWINDS3)
3 2.18.233.180 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
1 67.202.105.22 32748 (STEADFAST)
6 15 146.20.128.152 27357 (RACKSPACE)
1 35.244.174.68 15169 (GOOGLE)
1 2 47.252.78.131 45102 (CNNIC-ALI...)
1 1 8.2.110.134 46636 (NATCOWEB)
1 52.18.103.74 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 2a00:1450:400... 15169 (GOOGLE)
84 146.20.128.52 27357 (RACKSPACE)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.2.236 198622 (ADFORM)
2 2 213.155.156.166 1299 (TWELVE99 ...)
1 16 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
3 3 151.101.130.49 54113 (FASTLY)
2 2 34.205.3.24 14618 (AMAZON-AES)
2 13 52.31.13.93 16509 (AMAZON-02)
2 2 185.29.134.244 30419 (MEDIAMATH...)
1 3 185.64.190.81 62713 (AS-PUBMATIC)
1 2 51.210.112.236 16276 (OVH)
2 7 34.254.143.3 16509 (AMAZON-02)
8 169.50.137.184 36351 (SOFTLAYER)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
5 5 18.198.172.5 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 66.155.71.150 13768 (COGECO-PEER1)
11 54.77.243.210 16509 (AMAZON-02)
11 18.157.100.237 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.227.248.159 15169 (GOOGLE)
1 1 34.107.184.81 15169 (GOOGLE)
10 198.8.71.129 54312 (ROCKETFUEL)
3 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
1 198.47.127.20 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
5 6 104.111.215.191 16625 (AKAMAI-AS)
9 52.72.119.123 14618 (AMAZON-AES)
2 2 34.205.232.45 14618 (AMAZON-AES)
2 2 3.120.18.167 16509 (AMAZON-02)
3 3 198.47.127.18 3257 (GTT-BACKB...)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 23.88.75.187 24940 (HETZNER-AS)
1 1 35.244.210.213 15169 (GOOGLE)
1 1 54.37.36.178 16276 (OVH)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
1 111.65.248.229 45894 (FPTONLINE...)
1 172.217.16.130 ()
26 26 2a05:d018:24:... ()
6 6 13.32.99.105 ()
5 5 2001:678:cb4:... ()
5 5 34.248.159.172 ()
851 108
1    47.250.41.162 (Kuala Lumpur, Malaysia)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
5wify31.gaku23.info
10    111.65.250.2 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
vnexpress.net
4    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    111.65.249.130 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
s.eclick.vn
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
56    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
s1cdn.vnecdn.net
vcdn1-vnexpress.vnecdn.net
vcdn1-suckhoe.vnecdn.net
vcdn1-thethao.vnecdn.net
vcdn1-giaitri.vnecdn.net
vcdn1-giadinh.vnecdn.net
scdn.eclick.vn
vcdn1-kinhdoanh.vnecdn.net
2    111.65.251.2 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
PTR: mx1.gatemail.vn
s1.vnecdn.net
s.vnecdn.net
5    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    180.148.129.21 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
logperf.vnexpress.net
4    1.55.119.42 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)
octopus-stream01-cads.fpt.vn
31    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    111.65.249.131 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
static.eclick.vn
9    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    180.148.132.75 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
gw.vnexpress.net
3    111.65.248.197 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
usi-saas.vnexpress.net
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    111.65.249.225 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
adp.vnecdn.net
2    180.148.132.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
la2.vnecdn.net
1    180.148.141.233 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
la.vnecdn.net
2    111.65.249.224 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
g.eclick.vn
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
cpm.unibots.in
6    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
9    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.co.uk
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
970bb371e797f506c00881496b4bb0e1.safeframe.googlesyndication.com
24f368ee55be02fd0a6e9b86a36b4619.safeframe.googlesyndication.com
4    125.212.217.26 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)
optimize.urekamedia.com
27    111.65.251.70 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
PTR: mx1.edm1.gatemail.vn
is.vnecdn.net
4    2606:4700:3034::6815:6036 (United States)

ASN13335 (CLOUDFLARENET, US)
solution.urekamedia.com
bd.urekamedia.com
24    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
20    2a00:1450:4019:800::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    185.170.61.211 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5270.casalemedia.com
36    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
9    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
48    34.195.16.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-16-202.compute-1.amazonaws.com
track1.aniview.com
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
7    2607:f8b0:4005:813::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    74.125.71.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f156.1e100.net
bid.g.doubleclick.net
5    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    3.217.20.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-20-60.compute-1.amazonaws.com
go1.aniview.com
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4016:1::9 (Ireland)

ASN15169 (GOOGLE, US)
r4---sn-h0jeln7l.c.2mdn.net
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
11    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    50.16.141.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-141-46.compute-1.amazonaws.com
nep.advangelists.com
60    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
34    146.20.132.159 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
36    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
tag.1rx.io
12    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
12    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
6    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ade.googlesyndication.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
3    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    54.174.213.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-213-70.compute-1.amazonaws.com
sync.aniview.com
3    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
23    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
23    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
15    146.20.128.152 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
1    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
1    52.18.103.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-103-74.eu-west-1.compute.amazonaws.com
c.deployads.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
84    146.20.128.52 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.166 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com
d5p.de17a.com
16    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com
sync.srv.stackadapt.com
13    52.31.13.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh
pixel.onaudience.com
7    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
loadm.exelator.com
8    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    18.198.172.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-172-5.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
3    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
11    54.77.243.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
ice.360yield.com
11    18.157.100.237 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
tapestry.tapad.com
1    34.107.184.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.184.107.34.bc.googleusercontent.com
nxd.adhaven.com
10    198.8.71.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4016:5::8 (Ireland)

ASN15169 (GOOGLE, US)
rr3---sn-h0jelne7.googlevideo.com
1    2a00:1450:4021::8 (Ireland)

ASN15169 (GOOGLE, US)
rr3---sn-h0jeenek.googlevideo.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    2a00:1450:400c:c1b::64 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
6    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
9    52.72.119.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-119-123.compute-1.amazonaws.com
rtb.adentifi.com
2    34.205.232.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-232-45.compute-1.amazonaws.com
vop.sundaysky.com
2    3.120.18.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-18-167.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
3    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
1    35.244.210.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.210.244.35.bc.googleusercontent.com
freewheel.adhaven.com
1    54.37.36.178 (France)

ASN16276 (OVH, FR)
PTR: ip178.ip-54-37-36.eu
umfw.adscience.nl
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    111.65.248.229 (Ho Chi Minh City, Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
core.polyad.net
1    172.217.16.130 (None, )

ASN- ()
www.googleadservices.com
26    2a05:d018:24:b002:6973:f435:affb:5901 (None, )

ASN- ()
sync.tidaltv.com
6    13.32.99.105 (None, )

ASN- ()
sb.scorecardresearch.com
5    2001:678:cb4:bbbb::13 (None, )

ASN- ()
d.turn.com
5    34.248.159.172 (None, )

ASN- ()
dpm.demdex.net
Apex Domain
Subdomains		 Transfer
156 lkqd.net
v.lkqd.net — Cisco Umbrella Rank: 3797
ad.lkqd.net — Cisco Umbrella Rank: 13091
cs.lkqd.net — Cisco Umbrella Rank: 2479
t.lkqd.net — Cisco Umbrella Rank: 9123
756 KB
89 vnecdn.net
s1.vnecdn.net — Cisco Umbrella Rank: 49367 Failed
s1cdn.vnecdn.net — Cisco Umbrella Rank: 158424 Failed
vcdn1-vnexpress.vnecdn.net — Cisco Umbrella Rank: 141247
vcdn1-suckhoe.vnecdn.net — Cisco Umbrella Rank: 203617
vcdn1-thethao.vnecdn.net — Cisco Umbrella Rank: 313762
vcdn1-giaitri.vnecdn.net — Cisco Umbrella Rank: 277605
vcdn1-giadinh.vnecdn.net — Cisco Umbrella Rank: 465341
adp.vnecdn.net — Cisco Umbrella Rank: 50365
la2.vnecdn.net — Cisco Umbrella Rank: 48111
la.vnecdn.net — Cisco Umbrella Rank: 50409
vcdn1-kinhdoanh.vnecdn.net — Cisco Umbrella Rank: 235967
is.vnecdn.net — Cisco Umbrella Rank: 145387
s.vnecdn.net — Cisco Umbrella Rank: 76593
3 MB
83 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 601
cdn.stickyadstv.com — Cisco Umbrella Rank: 2380
2 MB
72 googlesyndication.com
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
970bb371e797f506c00881496b4bb0e1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
24f368ee55be02fd0a6e9b86a36b4619.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 277
438 KB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
bid.g.doubleclick.net — Cisco Umbrella Rank: 426
cm.g.doubleclick.net — Cisco Umbrella Rank: 169
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
pubads.g.doubleclick.net — Cisco Umbrella Rank: 490
538 KB
60 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2084
track1.aniview.com — Cisco Umbrella Rank: 2043
go1.aniview.com — Cisco Umbrella Rank: 4979
sync.aniview.com — Cisco Umbrella Rank: 2447
494 KB
31 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 448
ads.pubmatic.com — Cisco Umbrella Rank: 446
image6.pubmatic.com — Cisco Umbrella Rank: 531
image2.pubmatic.com — Cisco Umbrella Rank: 862
simage2.pubmatic.com — Cisco Umbrella Rank: 481
image4.pubmatic.com — Cisco Umbrella Rank: 741
simage4.pubmatic.com — Cisco Umbrella Rank: 967
image8.pubmatic.com — Cisco Umbrella Rank: 542
37 KB
26 tidaltv.com
sync.tidaltv.com
8 KB
24 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 655
2 KB
20 google.com
analytics.google.com — Cisco Umbrella Rank: 971
www.google.com — Cisco Umbrella Rank: 8
accounts.google.com — Cisco Umbrella Rank: 74
adservice.google.com — Cisco Umbrella Rank: 69
77 KB
18 vnexpress.net
vnexpress.net — Cisco Umbrella Rank: 31636
logperf.vnexpress.net — Cisco Umbrella Rank: 120416 Failed
gw.vnexpress.net — Cisco Umbrella Rank: 50564
usi-saas.vnexpress.net — Cisco Umbrella Rank: 47964
323 KB
17 criteo.net
static.criteo.net — Cisco Umbrella Rank: 587
pix.eu.criteo.net — Cisco Umbrella Rank: 7190
csm.eu.criteo.net — Cisco Umbrella Rank: 7303
115 KB
15 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 427
2 MB
13 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 450
6 KB
13 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1506
ssc-cms.33across.com — Cisco Umbrella Rank: 826
2 KB
12 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1243
2 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
3 KB
12 gstatic.com
csi.gstatic.com
fonts.gstatic.com
57 KB
11 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1034
14 KB
11 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1335
3 KB
11 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 380
cms.quantserve.com — Cisco Umbrella Rank: 956
3 KB
10 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 606
6 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 351
acdn.adnxs.com — Cisco Umbrella Rank: 534
36 KB
10 eclick.vn
s.eclick.vn — Cisco Umbrella Rank: 42802 Failed
static.eclick.vn — Cisco Umbrella Rank: 54556
scdn.eclick.vn — Cisco Umbrella Rank: 174264
g.eclick.vn — Cisco Umbrella Rank: 47781
137 KB
9 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 910
792 B
8 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 631
3 KB
8 urekamedia.com
optimize.urekamedia.com — Cisco Umbrella Rank: 84644
solution.urekamedia.com — Cisco Umbrella Rank: 233312
bd.urekamedia.com — Cisco Umbrella Rank: 113229
42 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 693
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11592
ads.eu.criteo.com — Cisco Umbrella Rank: 7328
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9529
dis.criteo.com — Cisco Umbrella Rank: 574
gum.criteo.com — Cisco Umbrella Rank: 339
mug.criteo.com — Cisco Umbrella Rank: 3226
47 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151 Failed
275 KB
7 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 18753
loadm.exelator.com — Cisco Umbrella Rank: 798
5 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 649
d.turn.com
3 KB
7 casalemedia.com
a5270.casalemedia.com — Cisco Umbrella Rank: 585834
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
8 KB
6 scorecardresearch.com
sb.scorecardresearch.com
2 KB
6 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 402
4 KB
5 demdex.net
dpm.demdex.net
3 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 254
3 KB
5 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 418
search.spotxchange.com — Cisco Umbrella Rank: 360
4 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33 Failed
74 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 524
2 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 953
r4---sn-h0jeln7l.c.2mdn.net — Cisco Umbrella Rank: 932328
s0.2mdn.net — Cisco Umbrella Rank: 245
4 MB
4 google.de
www.google.de — Cisco Umbrella Rank: 6151
adservice.google.de — Cisco Umbrella Rank: 8579
1 KB
4 fpt.vn
octopus-stream01-cads.fpt.vn — Cisco Umbrella Rank: 53960
130 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
182 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 678
s.tribalfusion.com — Cisco Umbrella Rank: 1925
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 547
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 249
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 404
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491 Failed
891 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 2787
1 KB
2 youtube.com
s.youtube.com — Cisco Umbrella Rank: 744
2 googlevideo.com
rr3---sn-h0jelne7.googlevideo.com — Cisco Umbrella Rank: 123030
rr3---sn-h0jeenek.googlevideo.com — Cisco Umbrella Rank: 125790
3 MB
2 adhaven.com
nxd.adhaven.com — Cisco Umbrella Rank: 28494
freewheel.adhaven.com — Cisco Umbrella Rank: 10161
500 B
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2114 Failed
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1264
734 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 372
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 763
878 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4740
637 B
2 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 2551
395 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 263
1 KB
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5259
914 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 202
16 KB
1 googleadservices.com
www.googleadservices.com
1 polyad.net
core.polyad.net — Cisco Umbrella Rank: 75838
508 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 528
393 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 2661
465 B
1 adscience.nl
umfw.adscience.nl — Cisco Umbrella Rank: 8412
485 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 877
205 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2042
534 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 224
2 KB
1 tapad.com
tapestry.tapad.com — Cisco Umbrella Rank: 946
496 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 398
13 KB
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2366
104 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1537
501 B
1 deployads.com
c.deployads.com — Cisco Umbrella Rank: 2600
285 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 7735
571 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 279
66 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 586
425 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 1719
234 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 644
380 B
1 unibots.in
cpm.unibots.in — Cisco Umbrella Rank: 40173
260 B
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 15179
175 B
1 gaku23.info
5wify31.gaku23.info
165 B
851 82
Domain Requested by
84 t.lkqd.net ad.lkqd.net
60 ads.stickyadstv.com 15 redirects player.aniview.com
cdn.stickyadstv.com
ad.lkqd.net
48 track1.aniview.com vnexpress.net
player.aniview.com
40 s1cdn.vnecdn.net vnexpress.net
s1cdn.vnecdn.net
36 pagead2.googlesyndication.com 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
vnexpress.net
www.googletagservices.com
googleads.g.doubleclick.net
srcdoc
34 v.lkqd.net player.aniview.com
ad.lkqd.net
27 is.vnecdn.net vnexpress.net
26 sync.tidaltv.com 26 redirects
24 targeting.unrulymedia.com player.aniview.com
24 tpc.googlesyndication.com 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
vnexpress.net
23 ad.lkqd.net player.aniview.com
ad.lkqd.net
23 cdn.stickyadstv.com player.aniview.com
cdn.stickyadstv.com
20 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
vnexpress.net
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
bd.urekamedia.com
19 googleads.g.doubleclick.net 1 redirects vnexpress.net
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
15 cs.lkqd.net 6 redirects ad.lkqd.net
13 match.prod.bidr.io 2 redirects ads.pubmatic.com
ad.lkqd.net
13 imasdk.googleapis.com 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
player.aniview.com
imasdk.googleapis.com
vnexpress.net
12 ssc.33across.com player.aniview.com
12 tag.1rx.io player.aniview.com
12 prebid.a-mo.net player.aniview.com
11 ads.adaptv.advertising.com ad.lkqd.net
11 ice.360yield.com ad.lkqd.net
11 pubads.g.doubleclick.net imasdk.googleapis.com
vnexpress.net
10 p.rfihub.com ad.lkqd.net
10 simage2.pubmatic.com 1 redirects ads.pubmatic.com
vnexpress.net
10 vnexpress.net 1 redirects vnexpress.net
s1cdn.vnecdn.net
9 rtb.adentifi.com ad.lkqd.net
9 cms.quantserve.com ad.lkqd.net
9 player.aniview.com solution.urekamedia.com
player.aniview.com
9 static.criteo.net s.eclick.vn
static.criteo.net
ads.eu.criteo.com
9 www.google.com 1 redirects vnexpress.net
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 um.simpli.fi ads.pubmatic.com
vnexpress.net
8 www.googletagservices.com vnexpress.net
securepubads.g.doubleclick.net
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 cm.g.doubleclick.net 6 redirects ssum-sec.casalemedia.com
7 csi.gstatic.com imasdk.googleapis.com
6 sb.scorecardresearch.com 6 redirects
6 tags.bluekai.com 5 redirects vnexpress.net
6 image2.pubmatic.com ads.pubmatic.com
6 ade.googlesyndication.com vnexpress.net
6 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
6 ib.adnxs.com 2 redirects s.eclick.vn
ssum-sec.casalemedia.com
acdn.adnxs.com
6 vcdn1-vnexpress.vnecdn.net vnexpress.net
6 s.eclick.vn vnexpress.net
s1.vnecdn.net
s.eclick.vn
5 loadm.exelator.com ad.lkqd.net
5 dpm.demdex.net 5 redirects
5 d.turn.com 5 redirects
5 x.bidswitch.net 5 redirects
5 pix.eu.criteo.net ads.eu.criteo.com
5 fonts.gstatic.com fonts.googleapis.com
5 www.google-analytics.com vnexpress.net
www.google-analytics.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 optimize.urekamedia.com securepubads.g.doubleclick.net
optimize.urekamedia.com
4 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 hbopenbid.pubmatic.com s.eclick.vn
player.aniview.com
4 gw.vnexpress.net s1cdn.vnecdn.net
4 octopus-stream01-cads.fpt.vn vnexpress.net
octopus-stream01-cads.fpt.vn
4 vcdn1-thethao.vnecdn.net vnexpress.net
4 www.googletagmanager.com vnexpress.net
www.googletagmanager.com
3 image8.pubmatic.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 sync-tm.everesttech.net vnexpress.net
3 ads.pubmatic.com s.eclick.vn
player.aniview.com
ads.pubmatic.com
3 search.spotxchange.com player.aniview.com
3 secure.adnxs.com 2 redirects optimize.urekamedia.com
3 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 accounts.google.com s1cdn.vnecdn.net
3 usi-saas.vnexpress.net s1cdn.vnecdn.net
3 www.google.de vnexpress.net
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 gum.criteo.com 1 redirects static.criteo.net
2 ads.creative-serving.com 2 redirects
2 s.youtube.com vnexpress.net
2 a.tribalfusion.com 2 redirects
2 vop.sundaysky.com vnexpress.net
2 ups.analytics.yahoo.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 d5p.de17a.com 2 redirects
2 ad.turn.com 2 redirects
2 event.clientgear.com 1 redirects ad.lkqd.net
2 pixel.quantserve.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 r4---sn-h0jeln7l.c.2mdn.net vnexpress.net
2 ssum-sec.casalemedia.com 1 redirects 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
2 go1.aniview.com player.aniview.com
2 bd.urekamedia.com player.aniview.com
vnexpress.net
2 fonts.googleapis.com 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
cdnjs.cloudflare.com
2 solution.urekamedia.com vnexpress.net
2 adservice.google.co.uk securepubads.g.doubleclick.net
2 sync.search.spotxchange.com 1 redirects vnexpress.net
2 g.eclick.vn s1.vnecdn.net
scdn.eclick.vn
2 la2.vnecdn.net s1.vnecdn.net
vnexpress.net
2 adp.vnecdn.net s1.vnecdn.net
2 cdnjs.cloudflare.com s1cdn.vnecdn.net
ads.eu.criteo.com
2 vcdn1-giaitri.vnecdn.net vnexpress.net
2 analytics.google.com www.googletagmanager.com
1 www.googleadservices.com
1 core.polyad.net s.vnecdn.net
1 mug.criteo.com
1 s.vnecdn.net www.googletagmanager.com
1 bh.contextweb.com 1 redirects
1 ads.playground.xyz 1 redirects
1 umfw.adscience.nl 1 redirects
1 freewheel.adhaven.com 1 redirects
1 csync.loopme.me 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 rr3---sn-h0jeenek.googlevideo.com vnexpress.net
1 rr3---sn-h0jelne7.googlevideo.com 1 redirects
1 yt3.ggpht.com vnexpress.net
1 s.tribalfusion.com 1 redirects
1 nxd.adhaven.com 1 redirects
1 tapestry.tapad.com optimize.urekamedia.com
1 cdn.jsdelivr.net optimize.urekamedia.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 s0.2mdn.net imasdk.googleapis.com
1 c.deployads.com ad.lkqd.net
1 cs.krushmedia.com 1 redirects
1 idsync.rlcdn.com ad.lkqd.net
1 ssc-cms.33across.com player.aniview.com
1 acdn.adnxs.com s.eclick.vn
1 sync.aniview.com player.aniview.com
1 googleads4.g.doubleclick.net vnexpress.net
1 js-sec.indexww.com ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 24f368ee55be02fd0a6e9b86a36b4619.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com vnexpress.net
1 a5270.casalemedia.com 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
1 970bb371e797f506c00881496b4bb0e1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cpm.unibots.in s.eclick.vn
1 bidder.criteo.com s.eclick.vn
1 prebid-asia.creativecdn.com s.eclick.vn
1 vcdn1-kinhdoanh.vnecdn.net vnexpress.net
1 la.vnecdn.net s1.vnecdn.net
1 scdn.eclick.vn s.eclick.vn
1 vcdn1-giadinh.vnecdn.net vnexpress.net
1 static.eclick.vn vnexpress.net
1 vcdn1-suckhoe.vnecdn.net vnexpress.net
1 logperf.vnexpress.net vnexpress.net
1 s1.vnecdn.net vnexpress.net
1 5wify31.gaku23.info 1 redirects
851 156
Subject Issuer Validity Valid
*.vnexpress.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-01-21 -
2022-02-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.eclick.vn
GlobalSign GCC R3 DV TLS CA 2020		 2021-01-21 -
2022-02-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.vnecdn.net
Sectigo RSA Domain Validation Secure Server CA		 2019-12-09 -
2022-03-08		 2 years crt.sh
*.fpt.vn
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-14 -
2022-05-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.unibots.in
AlphaSSL CA - SHA256 - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
optimize.urekamedia.com
R3		 2021-11-11 -
2022-02-09		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2021-01-13 -
2022-02-14		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-11-30 -
2022-02-08		 2 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.a-mo.net
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
ad.lkqd.net
R3		 2021-12-02 -
2022-03-02		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.360yield.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.polyad.net
Sectigo RSA Domain Validation Secure Server CA		 2021-01-22 -
2022-02-22		 a year crt.sh

This page contains 106 frames:

Primary Page: https://vnexpress.net/
Frame ID: 2ADD25E9753DBFC478C09D78D738C7AA
Requests: 364 HTTP requests in this frame

Frame: https://g.eclick.vn/delivery/eclookup.html?fosp_aid=0c4k3lhxtzag0cpl.1641692148.des&orig_aid=0c4k3lhxtzag0cpl.1641692148.des&myvne_user_id=0
Frame ID: 3FEBB68F406DA2BD18880C829FE389B4
Requests: 1 HTTP requests in this frame

Frame: https://s.eclick.vn/delivery/sync_retar.html
Frame ID: 30DAE14B4171B5B4F1A226AB48EAA939
Requests: 1 HTTP requests in this frame

Frame: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2579EA7C43A5C00C2A2AC6F85F76DD64
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAtmBvyKz0YwbdSpE3nv-dRu4BxKlhI9bkV51aiw-PoFosw79Wqv8nQBs3FBhhYOjfb_YrqkEda3ZpM45JNRgOALS5rRMFL_BVWDlEu8GLAhFiE8qeTl3L2NqWtbIQSWxHuTTc1gK2NuMxUrzwp0mNkKMgrS9MRnhzuJ0mCaws5X6kzAP3PIx5ycIEL9GSYnaeg2970X5l4Y_nos4hpURzfjL5FIprAMnNVJ2R0lWGvvnAeoqybflDSr--0TvIV3EFWJRd2Icq2t-rbe4vH8gPQs7o73UHvVZvdKzFLysiHhXKL3Izzgf_TYK00QifvlNTimXN-k70aLfYxvSxLSlgRL4&sai=AMfl-YRbpdMFZR2nHmq0IpweUDmNEwQkwF99micv0WuzgkrSJ4E_L1Jjaz-k_WKiLBYDPSn6_gVVo_fh0L4m-3dVBw2JD25nKBcQ_TzRlT8o_cjv5YIE4iS-1T8DHKHrz4c4&sig=Cg0ArKJSzKuGyAw9PzFFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B3A2E43FFE0928AB2D4AAA83905EB7DE
Requests: 15 HTTP requests in this frame

Frame: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 75DAB47DA50BC5490FA56481B55F168B
Requests: 38 HTTP requests in this frame

Frame: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D6629A3A70B7F3136B5E1DDD5770565C
Requests: 10 HTTP requests in this frame

Frame: https://970bb371e797f506c00881496b4bb0e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 20A1B859D016080C9B05D905FE4C1A7E
Requests: 1 HTTP requests in this frame

Frame: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1AB58C76C454C1A82AB92DFB523ED355
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQLEZ_mXTByL2hjI512_jbEzUI27OVOCYRcieLeMjcoOgAjTKLQvY1D1AdeI_UKBY34lVMKDaOnubN6AQZ0VsqfNahUG-zSO2pGs_MEiHq_suShLNk8l1tytel9Hw8hAT7-_94TcHzTUFTh8W_y-JnqhVj7T4vhn237rhTlfC3ejyWhSHIFu3WCfiMAUUgcLHTp6WBG1RcqzuIH8w4S9QRA7_c76g53gycQjkk2T6GY-sJbfTCqEtvMaHtbbSJPRHsaeVciX6YOEhqu82N6NxYI8U66w2zSbuo0AfqyTnpc30XwybGQrqK4-uP_poKvFaxoIgpUwj7WIgh-F_pW8bno1q7pBEJyFNgzw&sig=Cg0ArKJSzNpCIvAeBm0JEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 52F7F27307E231F19A8093F2042E3E3D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Frame ID: C6404562E112F484C6029057534798C2
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Frame ID: 5C4A37ED5D2D5C075D9CCD3AD18CD852
Requests: 20 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Frame ID: EEBDFE19A262D9C7FB4248B1C63070E0
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: F5DA242FF8790A019550F81955923646
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 40E045F3D419316C8DB64583F5E108DA
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F3E040B1C33D14193D03B2786109E939
Requests: 3 HTTP requests in this frame

Frame: https://24f368ee55be02fd0a6e9b86a36b4619.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 40BD627C7898FD225E5DCDDB4D82EC61
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUAqbLXveNaVnKI5Ac2daKkNnVY3DTC0iRKBPrwM4fkIFB2qBavP88Cgx3me6EmHPLP3fhX0GFeLKqIlF9VDzu44Md_f8jj1ohz9HxmgiNLiwiNC_nBAJIBAlzmr9W19OqcZN9H2Nwz9hQsW5VtTATncfxoIOXIpN4HBMyOXxjrfT7A2Ie79MHHRA40gNzZRj4CnmTnK0kd0zA6xeXguKc6NV_yI9rpReJXimi0s92JDSvwCaBjYcWnAN6wqS5zte0vrnBm-drgy_ATw0YSdBCi9cVgS3KnNacmei5m5E6gX8lR4RWHXoQXDAck7z3fnq7jHRNwB2I9c7m-ZixZBnXnrF_wSY&sig=Cg0ArKJSzHNpulr4SWy7EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CF01D8D23FD39EBBD09512759749C32B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BCDA391BCFD076BA0E7DFA62EE39FD70
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC8149B7BD83EF7A4C54E3F3ECF46D6D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9227C22EADA1EA356C7F97D24D8691C4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF9FBAABDCEB722408F74F36F0B08471
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94355073627817587851F7398C84C47F
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Frame ID: B8E1806D3A6DA1026FECEF42A2A2A8BE
Requests: 8 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1641692152008-988194208614-007202-009-006442&biddername=55&key=2225192029448763184
Frame ID: 442FA699480BFC639BDDCAFD9B4F7B0A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 7E10ED64B27900D7C1337E656AA147B5
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: E78CD6997E0D4AA58F64FFFB8B6C721E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Frame ID: 14A85CB8E15A7D85B1E2A453D5457972
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A63F56F373D2942AA6073F52879883A5
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Frame ID: F91D5226B0845EEA6F31FFF43472FB72
Requests: 20 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CB63F2C34B174AAA4C703E33D238FB90
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cPJapwk1ur64knaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 512E436DB9B3B019B128EA0249ECA05B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: DAA71B5C9A0EE47AA607DF5F7695865E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 81DF8E1E9F2CC8A3D4D7ADFADF401F94
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 887C8670FAE247F06773CD0CF51236CE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5DBF1A702B31F492B596F0C302D01DA4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F01D861106C50B07F447AA1C83B5B8C9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3C635DF5D138027FC3F97FB1DA0EC78F
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 23F6C59AFB55484F319F66731D803B72
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159970
Frame ID: 050C16AFFCDF251D77758364429C1290
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
Frame ID: E39D1F2F63C93A3F8FC47099730E08AB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8290923107004405806
Frame ID: CB22D93E7FB9367E6FBF8ABB5135D4CD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 405B5BCBE096A4DBB3AE0EBAF0935D77
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051014107245574290
Frame ID: 54DBE35E24A2A6AF7D96264CC349E667
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ydo7_QAEL6xxdQAm&gdpr=0&gdpr_consent=&_test=Ydo7_QAEL6xxdQAm
Frame ID: F8BB05F307A8BC61B146A979463A2B32
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ravoHU0BQ6dCwkBdd_h-u1LHgig
Frame ID: 891E555BBC718ECEB43DB5CB22EF4434
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: C70ECDF8D1789CBB64B8E47A064EA7AC
Requests: 1 HTTP requests in this frame

Frame: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=13164169215156&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Frame ID: 86D11483735C484A92176C7C4993B47B
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 8C75FABD3BB60EA57F8B6E74557DFD5D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 8C85339131010E2A76EFB42FBD19B611
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: E14FFCE2BCE6EB4B60E3166E23FC8BB3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0A79B4E7BC95CF158FAD90044C43C33C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 01D8C63CF56A0A488C8A81FC49414B94
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C8E9BC1814AA028D394B877EEF07CD10
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: B5A772F35C040248A7004AEFF8EDE4F2
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 9958499ECB05C56CAE42F422E92A6AEB
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 5E490D63B583F4FE1193A3BAB2F3F1E4
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 8CA9B06BDD6EF17FFC54B3E32ADA90A7
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 100C35BD483AD2DAF7E40BA42EA690BE
Requests: 24 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: EF0550AD7323E398CC32EA9678039A61
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 89DF6113B5141DE01934ADFEFEA1965C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6C09DBF45B4D7B4F10CD743E504D54BE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6C7A609CD7FCF168EDE14C9E1405CDEA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1E048185CD392824CBE66C5E752A8A46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 16F4272EFB59CF277E036DA85CBB80C7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: FCCAF47CB35CB8BA1CA6B64593518A7F
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: ED8545D378E6092E86114C69B2C5A4D2
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2100BC4CB740E70E49DA2EA4797BEC45
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: E36910D6EE87C9A0843C4E38AFD05019
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: E0ACE8FBA6D820BB70F46050CDDD3305
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: B981EE0FEC3AFA388851A50C4E01929A
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 471844BD9511F4F0B8482B75F3932A4F
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B9BF138B5801EC14B7BD8E7DE4783137
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 3F47CFD3064EE385BF741F413CB46998
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 5348A0956DCB246E7B6FD69C90884E4B
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C5E269A3BA5EB2E21AAF9867155981BB
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 8932EB6C8385AC2AFEB8BBDCA0528839
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: EC7328DF553A0F1EA55E890DC58FCF1C
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 8961ED0E22D5B5791FD0FDC3BF956B6D
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 88ED9A6AC2862D8981FE7A06E9D25D9C
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2C0C30465ECB4B9D1AD7C479C8D0D57E
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net
Frame ID: A3D34DE0C8D2BFDB2309DC6A9C3A590E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7CB9ACBA1394C4B54A1B234EEFD9CD6A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ADD20098AF1824A2D3B281C1519A2E66
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: EC301680C28BA4F460D939370381E926
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1FA8DC649A65D6C17ACF69491497940F
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: DB1690A5BD5C93AC3ABF770DA0D7C4C5
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 68B92B120EF717437A71A228B7EEE772
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 2BB0F76F99A573B918362BDB11317878
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 6856A8B9366B9ADC2BD8DB51DADB7932
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 53106F4F8C144C038AFEA02108C47A33
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: AA3B2875C67444930741E6202ADF712F
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 33DA79C6D31202954290FB584C02679C
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 2A9AC4BB713368A41DB651A9DC3FC21D
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B64D5270E7163F099F49FEB7E5ADD191
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: A743DE2147C4866FD8CC555EB680DC9E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: A7BED7E9ED98003B0DA4DAF99F96C084
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A20377F66C7DAF818C2F5C27E2817EAD
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 05ED2878D8D52A35211C88601942B3B5
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1F9E5EA2CE856F7C89ED02C7B9A06387
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 759D431460F26BB5711D8C6E15D5DB8B
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 24EB21648A750BF9B02583C64C367317
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 55CF9B4D0A6D3A61F5C54BBDDAF026AF
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 0AD75515CDE691653923CDC24B536033
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 3F4BAA557193F22B800B00EF5B248B4F
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: AAFC450354C2C8B97F68A8AE6972D957
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

VnExpress - Báo tiếng Việt nhiều người xem nhất

Page URL History Show full URLs

  1. http://5wify31.gaku23.info/4Amt HTTP 302
    http://vnexpress.net/ HTTP 301
    https://vnexpress.net/ Page URL
  2. https://vnexpress.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • /fingerprintjs@(\d)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • zepto.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

851
Requests

92 %
HTTPS

31 %
IPv6

82
Domains

156
Subdomains

108
IPs

14
Countries

18402 kB
Transfer

36265 kB
Size

162
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://5wify31.gaku23.info/4Amt HTTP 302
    http://vnexpress.net/ HTTP 301
    https://vnexpress.net/ Page URL
  2. https://vnexpress.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://5wify31.gaku23.info/4Amt HTTP 302
  • http://vnexpress.net/ HTTP 301
  • https://vnexpress.net/
Request Chain 124
  • https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=79b889e9-70ec-11ec-a818-1a7cb9e30406
Request Chain 255
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Request Chain 260
  • https://gcdn.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/80F5C0AB2DB821346E9BBE964F0CBF1B50DF2D69.1160871CF2F04B3E9583BC9351DA81C929C00794/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-h0jeln7l.c.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5400802EE05ACD450A0D26A4340844691C80C015.31024D2B2CC8960EA7A6C2601568F848633531A8/key/cms1/cms_redirect/yes/mh/Gk/mip/2a01:4a0:2c::5/mm/42/mn/sn-h0jeln7l/ms/onc/mt/1641691657/mv/u/mvi/4/pl/46/file/file.mp4
Request Chain 287
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ydo797Dx1_GXImrEnafbeQAAB0cAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ydo797Dx1_GXImrEnafbeQAAB0cAAAAB&dcc=t
Request Chain 288
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ydo797Dx1-GXImrEnafbeQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOW21OBXT3ODeBV1k2MQzkU&google_cver=1&gdpr=1
Request Chain 291
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=GWFJahwySzMCYkgzTGIAORZhTDoCMRg_F2OIsiUr
Request Chain 294
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e9561d67-7ec5-46d5-9885-b70ca8d64246
Request Chain 327
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 340
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641692152008-988194208614-007202-009-006442%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1641692152008-988194208614-007202-009-006442&biddername=55&key=2225192029448763184
Request Chain 356
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://idsync.rlcdn.com/464986.gif?partner_uid=XUaOyOgmZWs
Request Chain 357
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=EZyDjihrSWA
Request Chain 358
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=KxFYDAyjl4g&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7de7a766-2c60-4e06-bde7-59125d4c36af
Request Chain 359
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=7SLg1syEHks
Request Chain 360
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8107759937123472539
Request Chain 371
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61ca7663dc3a6aa2704f1c13f2de1ad&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc029_7051014107235484574 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjFjYTc2NjNkYzNhNmFhMjcwNGYxYzEzZjJkZTFhZA==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFuM1Fec93WOAtYiBRs7wi0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e264eca7-474f-4729-b4ee-b407bfbc0deb HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/61ca7663dc3a6aa2704f1c13f2de1ad?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-BETq7HJE2oNPx_5kqr0gSGYPlUjVpi5PPdHovkY6~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2225192029448763184 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=7zzDz4mE1N6n7I5&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3034309312447776064 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AB-oM07DtHgAAD_Q9Q76GQ&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
Request Chain 383
  • https://c1.adform.net/serving/cookie/match?party=14&cid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
Request Chain 384
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8290923107004405806
Request Chain 386
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051014107245574290
Request Chain 387
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Ydo7_QAEL6xxdQAm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ydo7_QAEL6xxdQAm&gdpr=0&gdpr_consent=&_test=Ydo7_QAEL6xxdQAm
Request Chain 388
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ravoHU0BQ6dCwkBdd_h-u1LHgig
Request Chain 389
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUItb00wN0R0SGdBQURfUTlRNzZHUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ffN_i6_yQNGnEX28Zm28gA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 391
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=74bc61da-3bf9-4700-bcff-d347d43c2aea
Request Chain 392
  • https://pixel.onaudience.com/?partner=214&mapped=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=62e567d12a34a6a0abb9b379135747e4
Request Chain 393
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0RGMzdGOEItQUZGMi00MEQxLUE3MTEtN0RCQzY2NkRCQzgw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKbq4YTNKmQIx2ljB7p1wM0&google_cver=1
Request Chain 396
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&gdpr=0&gdpr_consent=
Request Chain 397
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3963778990808868709
Request Chain 398
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e264eca7-474f-4729-b4ee-b407bfbc0deb
Request Chain 399
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2225192029448763184&gdpr=0&gdpr_consent=
Request Chain 400
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-klDVAV5E2uUZTdGpmqGqljBcey9TFy0-~A&gdpr=0&gdpr_consent=
Request Chain 402
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-WXGEPw2xEniZsdJrGaPQ_Zlw0DiNZdF92fHjRQT
Request Chain 403
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=03515ecb-0b62-45be-ab21-2992b91fc3d6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk88405a62-5149-48c8-891f-3e818a5e289d&expires=7&user_group=5&ssp=pubmatic&bsw_param=03515ecb-0b62-45be-ab21-2992b91fc3d6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=03515ecb-0b62-45be-ab21-2992b91fc3d6&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 404
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8107759937123472539&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 406
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&gdpr=0&gdpr_consent=
Request Chain 431
  • https://ib.adnxs.com/getuid?https://optimize.urekamedia.com/data-apnx?user_id=$UID&uid=13164169215156&url=https://vnexpress.net/ HTTP 302
  • https://optimize.urekamedia.com/data-apnx?user_id=2225192029448763184&uid=13164169215156&url=https://vnexpress.net/
Request Chain 454
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Ydo7_QAEL6xxdQAm&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AB-oM07DtHgAAD_Q9Q76GQ&gdpr=0&gdpr_consent=null HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=8107759937123472539 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4090273&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=7d73659b-70ec-11ec-a4fc-35d6da22ce9f HTTP 302
  • https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=072a220403ce1ede416ef737&gdpr=0&gdprConsent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%26partner_url%3Dhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D721%2526userId%253D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%2526gdpr%253D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&partner_url=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%26gdpr%3D0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&gdpr=0 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=072a220403ce1ede416ef737&159=CAESEFuM1Fec93WOAtYiBRs7wi0&171=8107759937123472539&23329=7zzDz4mE1N6n7I5&25522=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&25746=7d73659b-70ec-11ec-a4fc-35d6da22ce9f&26913=AB-oM07DtHgAAD_Q9Q76GQ&45=Ydo7_QAEL6xxdQAm&529=e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&617=3034309312447776064&717=y-BETq7HJE2oNPx_5kqr0gSGYPlUjVpi5PPdHovkY6%7EA&892=e264eca7-474f-4729-b4ee-b407bfbc0deb&951=2225192029448763184&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849 HTTP 302
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=pc029_7051014107235484574 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
Request Chain 457
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ravoHU0BQ6dCwkBdd_h-u1LHgig
Request Chain 458
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50
Request Chain 460
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
  • https://a.tribalfusion.com/i.match?p=b30&u=KxFYDAyjl4g&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=KxFYDAyjl4g&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662314884195622
Request Chain 499
  • https://rr3---sn-h0jelne7.googlevideo.com/videoplayback?expire=1641720955&ei=-zvaYeGGH-eJ6dsPjYei6As&ip=82.199.130.40&id=92294c809deb1d41&itag=22&source=youtube&requiressl=yes&mh=mT&mm=31&mn=sn-h0jelne7&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=40.077&lmt=1641048891087483&mt=1641692037&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhANKAjR-_O9hhNs0qdq3hdQzK54ltcnqm3YaY9LGGXK_yAiEAmQmtRdw5eja7t0EGyE8SOch1-iy5V-3bfxO-tfo9gNM=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOWzdqQn6zDzE7i3-W-C4RKGrLkVJ2-SYsek_0XowDpXAiBa4Q00wRJ3OLAQVZn5Dfw6R9DQenqju5maumOpOKLOYA==&cpn=eDNaRUvBEmi5IX3g HTTP 302
  • https://rr3---sn-h0jeenek.googlevideo.com/videoplayback?expire=1641720955&ei=-zvaYeGGH-eJ6dsPjYei6As&ip=82.199.130.40&id=92294c809deb1d41&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=40.077&lmt=1641048891087483&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhANKAjR-_O9hhNs0qdq3hdQzK54ltcnqm3YaY9LGGXK_yAiEAmQmtRdw5eja7t0EGyE8SOch1-iy5V-3bfxO-tfo9gNM=&cpn=eDNaRUvBEmi5IX3g&redirect_counter=1&rm=sn-h0jld7s&req_id=6c5e6ab5936a36e2&cms_redirect=yes&ipbypass=yes&mh=mT&mip=2a01:4a0:2c::5&mm=31&mn=sn-h0jeenek&ms=au&mt=1641691444&mv=u&mvi=3&pl=46&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMGT-r4jUK9c-EXeviuijGvhbGFylm12cpdyCgJy4wDfAiAGKXSOScdUQxLcDFZXeXjizdeoKwGNrC05EXuQZibmJw%3D%3D
Request Chain 530
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D&gdpr=0&gdpr_consent=null HTTP 302
  • https://tags.bluekai.com/site/17724?id=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D721%2526userId%253D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%2526gdpr%253D0%2526gdpr_consent%253Dnull
Request Chain 536
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=S3hGWURBeWpsNGc HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJkzSJSkyr5QDJZcsUdcyRA&google_cver=1
Request Chain 564
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&gdpr=0&gdpr_consent=null HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&gdpr=0&gdpr_consent=null&_cvt=t HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.87e6baabca9c4eb98c08bac186fd6c9f HTTP 302
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=stickyads&bsw_custom_parameter=03515ecb-0b62-45be-ab21-2992b91fc3d6 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=stickyads&bsw_custom_parameter=03515ecb-0b62-45be-ab21-2992b91fc3d6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=633c3dad-923f-4c0b-8216-954ea67f8f2a&ssp=stickyads&expires=30&user_group=5&bsw_param=03515ecb-0b62-45be-ab21-2992b91fc3d6 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=03515ecb-0b62-45be-ab21-2992b91fc3d6 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b25&u=61ca7663dc3a6aa2704f1c13f2de1ad&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=977&userId=18072662314884195622 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156429&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156429%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D642%2526userId%253D%2523PMUID HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:04c11832-0234-4b06-b0e1-0860d37a83d9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 572
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=934e8c51-3fdc-4778-a224-12fc61739d12
Request Chain 601
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://freewheel.adhaven.com/bid-engine/cs/b714c175b3fe12d9388dfc1431d76197/v1?rd=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1217%26userId%3D%24UID&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1217&userId=4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50 HTTP 302
  • https://umfw.adscience.nl/sync/freewheel&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1265&userId=E2lXbXSF9Y5tLx7bXzXVTQ-- HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156429&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156429%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D642%2526userId%253D%2523PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2225192029448763184 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156429&mpc=4&fp=1&pmc=1&pr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D642%26userId%3D7DF37F8B-AFF2-40D1-A711-7DBC666DBC80 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=642&userId=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80 HTTP 302
  • https://um.simpli.fi/freewheel
Request Chain 609
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=ZLwamts6fBZc&ev=1&pid=561322
Request Chain 641
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Request Chain 648
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Ydo7_QAEL6xxdQAm
Request Chain 660
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=vnexpress.net&sn=ChromeSyncframe&so=0&topUrl=vnexpress.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ETVEhXxnR2ZOMnZzZ3VFOWpYOEVZMnpDdmhPTTgzdGxtc0lYQXd4TnJuWkMyNXhZRWZ3a1dBTGFvM0hmZHFEcy9xRGgvN1VyRkJCK05ZdmMzMGphOTREUFMzN0VyNThKWG1kSmNRL2ZJVi9QU3Z3bjVETWR2L3pjWkVCd2drYk1nRjRyQUVuQWVEclRoWi9UdlplU2c5Zytac2RCNlJ3NjQybVdrN0h5ZVBQVk1SSzFqY1EwWUt5RkxpZHNZN0x4RVBoWHdPTEQrd0J6L253Z1c2QWZzV21LS1RXQWs2NTNtNUp1Zk81ZERZQktRdUJJaVJyby9GMTFFNXUrWFByclJSbjVRbnpYYWhDTzNrSmlqMVVJbXZNYks1dz09fA&cppv=2
Request Chain 679
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=C1BvD-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBO0BT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3MekBGujKygA4jjLrES5F5RI8rsnFlkUjbJu3_DUS0i9hjqA6GBe3LwrvLinwqhwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWxCX6EnMTf8pWMgAoDmAsByAsB0AsPuAwB2BMC0BUBmBYBgBcB&num=1&sig=AOD64_2-MMkOSid7mqWYjbiDDzS7RZh1iw&client=ca-pub-4083612996934505&adurl=https://violifefoods.com/%3Futm_source%3Dyoutube%26utm_medium%3Dpaid%26utm_campaign%3Dcyc-40secvideo&ctype=110&label=video_10s_engaged_view&ad_mt=10214&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,1600%26tos%3D10270,0,0,0,0%26mtos%3D10270,10270,10270,10270,10270%26amtos%3D0,0,0,0,0%26mtos1%3D10268,0,0%26mcvt%3D10270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10270%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2233%26pst%3D414%26dur%3D40007%26vmtime%3D10213%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2,2,2,2,2%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D13299%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10270%26ss0%3D0.04%26ss1%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1641692155702 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=C53bY-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBO0BT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3MekBGujKygA4jjLrES5F5RI8rsnFlkUjbJu3_DUS0i9hjqA6GBe3LwrvLinwqhwASXhorn8wPgBAHABW6gBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWaCRlodHRwczovL3Zpb2xpZmVmb29kcy5jb20vsQl-hJzE3_KVjIAKA5gLAcgLAdALD7gMAdgTAtAVAZgWAYAXAQ&num=1&client=ca-pub-4083612996934505&ctype=110&label=video_10s_engaged_view&ad_mt=10214&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,1600%26tos%3D10270,0,0,0,0%26mtos%3D10270,10270,10270,10270,10270%26amtos%3D0,0,0,0,0%26mtos1%3D10268,0,0%26mcvt%3D10270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10270%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2233%26pst%3D414%26dur%3D40007%26vmtime%3D10213%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2,2,2,2,2%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D13299%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10270%26ss0%3D0.04%26ss1%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1641692155702&cid=CAQSKQCNIrLMuDPT6x42Ah5o0B_oj0fXJnD26m5aGkASXJx-BkIG9-BtflGG&dblrd=1&val=ChAyMmFiYzRlODE4Y2QwMGRkEPb36I4GGgiJQ4aiEbaRNCABKAE&sig=AOD64_3BiH-QObbJOxrfVq9EumpYVtj3bQ&adurl=https://violifefoods.com/%3Futm_source%3Dyoutube%26utm_medium%3Dpaid%26utm_campaign%3Dcyc-40secvideo
Request Chain 697
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Request Chain 705
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 731
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Request Chain 739
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 766
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Request Chain 774
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 800
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Request Chain 809
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 835
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Request Chain 843
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

851 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
vnexpress.net/
Redirect Chain
  • http://5wify31.gaku23.info/4Amt
  • http://vnexpress.net/
  • https://vnexpress.net/
193 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Sun, 09 Jan 2022 01:35:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
v-cache
VNE4
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag
W/"a72c7d9d65303d16e5633ffa98d76c8d"
server
877whgldd10bf7c7468e873e79ba2ad139
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip

Redirect headers

Date
Sun, 09 Jan 2022 01:35:45 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Keep-Alive
timeout=60
Location
https://vnexpress.net/
Server
2077whgldd10bf7c7468e873e79ba2ad139
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
ea3.js
s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ 		0
0
gtm.js
www.googletagmanager.com/ 		255 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61047
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jan 2022 01:35:47 GMT
analytics.js
www.google-analytics.com/ 		0
0
5c261ec3-2fc9-4939-9fe1-c06f786759fb
https://vnexpress.net/ 		531 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://vnexpress.net/5c261ec3-2fc9-4939-9fe1-c06f786759fb
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
863016606095ee80bec9802da48ef003599574c8b1472e9030f6792bad4f2fc2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
531
Content-Type
text/javascript
eclick.js
s.eclick.vn/delivery/ 		0
0
gpt.js
www.googletagservices.com/tag/js/ 		0
0
dfpbrand.js
s.eclick.vn/delivery/dfp/ 		0
0
prebid.js
s.eclick.vn/delivery/dfp/ 		0
0
ov_pc_vne_home_home.js
s.eclick.vn/delivery/dfp/ 		0
0
1000000.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/ 		0
0
Primary Request /
vnexpress.net/ 		193 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
b9260c76ec8c9e6f02d5e42efbd15b105b80325e9254fe8e6f728fc620069db5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:35:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
v-cache
VNE4
cache-control
max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag
W/"a72c7d9d65303d16e5633ffa98d76c8d"
server
877whgldd10bf7c7468e873e79ba2ad139
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
perf
logperf.vnexpress.net/ 		0
0
eclick.js
s.eclick.vn/delivery/ 		537 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/eclick.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_36 /
Resource Hash
23134547cfb0d6e1825ed86a6c9c6efc0385369fafe1e17bc296ef3b7017e971

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 02:35:31 GMT
server
FPT-static_eclick_141_36
etag
W/"61c3e073-219"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=0, static_eclick_141_36,no-cache
expires
Sun, 09 Jan 2022 01:35:48 GMT
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11b69c31a47917f90c4fd2be44fd96dbcc1ccc8c6235da63773bc18cba3557a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26885
x-xss-protection
0
server
sffe
etag
"1096 / 542 of 1000 / last-modified: 1641462333"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Jan 2022 01:35:47 GMT
dfpbrand.js
s.eclick.vn/delivery/dfp/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/dfp/dfpbrand.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_36 /
Resource Hash
f5ff7b1a96a0963d7b754722c07b01f20e15ac89b84bdc7cd7d30a1a700f071c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 05:06:50 GMT
server
FPT-static_eclick_141_36
etag
W/"61b03d6a-600e"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Sun, 09 Jan 2022 02:35:48 GMT
prebid.js
s.eclick.vn/delivery/dfp/ 		283 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/dfp/prebid.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_36 /
Resource Hash
c37ae6ed07f0d7aea49f75279b9886e17da1b5b47beb7a8fbeb9ce1eb91cb18b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 09:03:04 GMT
server
FPT-static_eclick_141_36
etag
W/"61c43b48-46d2a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Sun, 09 Jan 2022 02:35:48 GMT
ov_pc_vne_home_home.js
s.eclick.vn/delivery/dfp/ 		163 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_36 /
Resource Hash
510c8629d39437b562e1f5a3903a50ef69c04d2a6cd19df492df4055144b9653

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Fri, 31 Dec 2021 03:59:08 GMT
server
FPT-static_eclick_141_36
etag
W/"61ce800c-28d6d"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Sun, 09 Jan 2022 02:35:48 GMT
1000000.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/ 		178 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/1000000.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
cdd5480bca11fbd8f4c91da7255015d055a4c66b33c264944ec3b1cc7884a506

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Wed, 05 Jan 2022 02:17:29 GMT
server
keycdn-engine
etag
W/"61d4ffb9-2c6ab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/1000000.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
general-file.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/ 		132 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/general-file.css
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
850168f47b570c597b2f81cdb44d42bdbd3be1ea0de432a66c4279d773fdeb75

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 30 Dec 2021 07:22:54 GMT
server
keycdn-engine
etag
W/"61cd5e4e-2112c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/general-file.css>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
vod.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/ 		1 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/vod.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
MISS, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:32 GMT
server
keycdn-engine
etag
W/"60934550-446"
vary
Accept-Encoding
x-handle
0-1
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/vod.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
logo.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/logo.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:23:20 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/logo.svg>; rel="canonical"
x-edge-location
defr
etag
W/"60934508-13b6"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:47 GMT
ea3.js
s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ea3.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
66cb0f00518d0b6623c75fdd6493c8e9af42fcff888064ca70c1b2172cb782b4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:26:10 GMT
etag
W/"61a8bb62-c112"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Tue, 10 Jan 2023 01:35:48 GMT
gtm.js
www.googletagmanager.com/ 		316 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40dd8e0e88155c995a0a27986e1da0ba577287699720f139d0f49e821b78c50f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61047
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jan 2022 01:35:47 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2081
date
Sun, 09 Jan 2022 01:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 09 Jan 2022 03:01:06 GMT
perf
logperf.vnexpress.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1641692100000&timecookie=1641692100000&timeclient=1641717347000&action=no_reload
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.129.21 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
category.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/config/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/config/category.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
cbea20f6c29eb8fc4a556a29fb722adb7f8bda7afe7dc039f1a9e7b2382e1b43

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Fri, 07 Jan 2022 08:17:05 GMT
server
keycdn-engine
etag
W/"61d7f701-ab33"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/config/category.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
fc
vnexpress.net/microservice/ 		158 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/fc
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
393a5dde977b3c33c177d2fb8fccaed06d77ae88547d13974ac5e75cc63c5c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
877whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
truncated
/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Origin
https://vnexpress.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff2
Merriweather-woff2.css
s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/webfonts/ 		160 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/webfonts/Merriweather-woff2.css
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7c3f0d6cfe9f8fde34bf9653db1b256bd0601b91b14e6336dde2187396a16efe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:23:00 GMT
server
keycdn-engine
etag
W/"609344f4-280fe"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/webfonts/Merriweather-woff2.css>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
icon-vne.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/ 		57 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/icon-vne.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 03:00:26 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/icon-vne.svg>; rel="canonical"
x-edge-location
defr
etag
W/"61c294ca-e3ec"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:47 GMT
TEXT10801min-1641661988-4617-1641662085.gif
vcdn1-vnexpress.vnecdn.net/2022/01/09/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2022/01/09/TEXT10801min-1641661988-4617-1641662085.gif?w=220&h=132&q=100&dpr=1&fit=crop&s=l-sP0Q3WwUAXCvgmSEsYQg&t=image
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
370b1bf6c5c75ea567b07b8e57f54bc5c91e2c316c3e69cee33dd9c51087fb66

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
51
content-length
20093
x-shield
active
last-modified
Sat, 08 Jan 2022 17:15:27 GMT
server
keycdn-engine
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-vnexpress.vnecdn.net/2022/01/09/TEXT10801min-1641661988-4617-1641662085.gif?w=220&h=132&q=100&dpr=1&fit=crop&s=l-sP0Q3WwUAXCvgmSEsYQg&t=image>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
hope_home_pc.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/banner/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/banner/hope_home_pc.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
51bb1a19448d513f7f07b91ab838e23ecdd09018d522b863ce59842e722a5814

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
145840
x-shield
active
last-modified
Thu, 16 Dec 2021 10:20:08 GMT
server
keycdn-engine
etag
"61bb12d8-239b0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/banner/hope_home_pc.png>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
e8a03b08-c8bc-41e3-8fcf-02a92f73fb44
https://vnexpress.net/ 		531 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://vnexpress.net/e8a03b08-c8bc-41e3-8fcf-02a92f73fb44
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
863016606095ee80bec9802da48ef003599574c8b1472e9030f6792bad4f2fc2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
531
Content-Type
text/javascript
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
huy-6487-1641634168-1641634184-2403-1641635087.jpg
vcdn1-suckhoe.vnecdn.net/2022/01/08/ 		319 KB
320 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-suckhoe.vnecdn.net/2022/01/08/huy-6487-1641634168-1641634184-2403-1641635087.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=bssfYE-vwsofVEJBGOotJw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e020f5f10dcef4391d10711c2ec50cb88283d02d0ba5c9c5626854ba9367e7e0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
112
content-length
326667
x-shield
active
last-modified
Sat, 08 Jan 2022 09:44:56 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-suckhoe.vnecdn.net/2022/01/08/huy-6487-1641634168-1641634184-2403-1641635087.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=bssfYE-vwsofVEJBGOotJw>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
markopng-1574358134.png
vcdn1-vnexpress.vnecdn.net/2019/11/22/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2019/11/22/markopng-1574358134.png?w=100&h=100&q=100&dpr=1&fit=crop&s=UCLmEHAUW5YYc2uBejvxlA
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3ab48b117422b65760591d1b3bd926e10bd638cdf291f1f5090efd9f0bfe9d10

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
189
content-length
8264
x-shield
active
last-modified
Sat, 08 Jan 2022 05:00:22 GMT
server
keycdn-engine
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-vnexpress.vnecdn.net/2019/11/22/markopng-1574358134.png?w=100&h=100&q=100&dpr=1&fit=crop&s=UCLmEHAUW5YYc2uBejvxlA>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
va-n-y-jpeg-1641658979-8779-1641659010.jpg
vcdn1-thethao.vnecdn.net/2022/01/08/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-thethao.vnecdn.net/2022/01/08/va-n-y-jpeg-1641658979-8779-1641659010.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=sgUfCpBZGgSWa6VDnEO2PA
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0ea78a94de81217c3c4f86792f9c034fe55d990abd80b6bde4705175ba01d16f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
50
content-length
69538
x-shield
active
last-modified
Sat, 08 Jan 2022 16:23:39 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-thethao.vnecdn.net/2022/01/08/va-n-y-jpeg-1641658979-8779-1641659010.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=sgUfCpBZGgSWa6VDnEO2PA>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
nha-cach-ly-9922-1641660602.jpg
vcdn1-vnexpress.vnecdn.net/2022/01/08/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2022/01/08/nha-cach-ly-9922-1641660602.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=qp24IGWoOTTZndDdc827Mw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f982a2a3b8c8bacfdbcb5c846735f41946cf64408264d9f22cb7914ae51aa1a7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
84
content-length
126379
x-shield
active
last-modified
Sat, 08 Jan 2022 16:50:08 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-vnexpress.vnecdn.net/2022/01/08/nha-cach-ly-9922-1641660602.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=qp24IGWoOTTZndDdc827Mw>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9430b19d1678da7e43f00da23ba8a528facb0fd87cdc37696c1244343d92b28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62356
x-xss-protection
0
expires
Sun, 09 Jan 2022 01:35:47 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bf939288fcaaa94ec7287da90f5a3032eb7ffb483ff7539260bcd05e9d89a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62413
x-xss-protection
0
expires
Sun, 09 Jan 2022 01:35:47 GMT
cdp.js
octopus-stream01-cads.fpt.vn/ 		129 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/cdp.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.55.119.42 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
d30d5a15f01d0bf1d2eceda161aad30112be19ba8e5fbd1f1b65b15e32542b47

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
last-modified
Wed, 07 Jul 2021 14:43:31 GMT
server
nginx
etag
"60e5bd93-20428"
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-length
132136
js
www.google-analytics.com/gtm/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-P5FWR6V&t=gtm5&cid=1608223899.1641692148
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae623015ac4b4ab3c8bdae58951d7f70548eeec733e896962b1466ab0fcb92c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35091
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jan 2022 01:35:47 GMT
lazyload.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/lazyload.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:31 GMT
server
keycdn-engine
etag
W/"6093454f-27d4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/lazyload.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
home.defer.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/modules/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/modules/home.defer.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b310c77b39c89cc43370834398da4f10f99498ab9291290aca73782e4db2d856

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Fri, 07 Jan 2022 10:27:25 GMT
server
keycdn-engine
etag
W/"61d8158d-8dbd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/modules/home.defer.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
pubads_impl_2022010405.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
4645ab9bfd6df40b764a38442029b1b8a1b2177aa42a26ed47889c85bb191036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120815
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 16:09:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Jan 2022 01:35:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vnexpress.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
4b88e322ae9dfbfed22b3257299b7a21008901af1cca8f39b15e50543389301c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Sun, 09 Jan 2022 01:35:47 GMT
collect
analytics.google.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-DQJ7NF9DN2&gtm=2oe150&_p=1450268577&sr=1600x1200&_gaz=1&ul=en-us&cid=1608223899.1641692148&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1641692147&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQJ7NF9DN2&cid=1608223899.1641692148&gtm=2oe150&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-57577CKS2C&gtm=2oe150&_p=1450268577&sr=1600x1200&_gaz=1&ul=en-us&cid=1608223899.1641692148&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1641692147&sct=1&seg=0&en=page_view&_fv=2&_ss=1&_c=1&ep.vn_segment=%7Bvn_segment%7D%7D&up.page_category=Home&up.page_category_id=1000000&up.page_subcategory_id=&up.page_type=Home&up.page_platform=Web&up.user_logged_in=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-57577CKS2C&cid=1608223899.1641692148&gtm=2oe150&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQJ7NF9DN2&cid=1608223899.1641692148&gtm=2oe150&aip=1&z=253807445
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57577CKS2C&cid=1608223899.1641692148&gtm=2oe150&aip=1&z=1684005599
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-50285069-28&cid=1608223899.1641692148&jid=1743168971&gjid=1440508576&_gid=1499767020.1641692148&_u=aGDAgEADQAAAAE~&z=244159609
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 09 Jan 2022 01:35:48 GMT
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1450268577&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=1743168971&gjid=1440508576&cid=1608223899.1641692148&tid=UA-50285069-28&_gid=1499767020.1641692148&gtm=2wg150N3FNJF&cg1=Home&cg4=Home&cd1=1000000&cd8=Home&cd17=No&cd19=Web&cd22=1&cd24=0&cd27=Home&cd37=&cd55=1608223899.1641692148&z=932245905
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 00:03:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5546
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
hls.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/ 		239 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/hls.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
MISS, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:27 GMT
server
keycdn-engine
etag
W/"6093454b-3bc3b"
vary
Accept-Encoding
x-handle
0-1
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/hls.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
embed_vod.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/ 		62 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/embed_vod.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
094b9f3481dd02472092ab67546ce7e02314256e3965ba5b488ce7c449f0d7f4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
MISS, HIT
x-shield
active
last-modified
Mon, 27 Dec 2021 04:45:00 GMT
server
keycdn-engine
etag
W/"61c944cc-f6f2"
vary
Accept-Encoding
x-handle
0-1
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/embed_vod.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
video-js.css
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/ 		75 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/video-js.css
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/vod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
MISS, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:27 GMT
server
keycdn-engine
etag
W/"6093454b-12c5c"
vary
Accept-Encoding
x-handle
0-1
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
content-type
text/css
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/video-js.css>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
ads.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/ads.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:47 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:27 GMT
server
keycdn-engine
etag
W/"6093454b-7595"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/ads.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:47 GMT
truncated
/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506

Request headers

Referer
Origin
https://vnexpress.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae

Request headers

Referer
Origin
https://vnexpress.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/x-font-woff
zepto.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/zepto.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:31 GMT
server
keycdn-engine
etag
W/"6093454f-9c7d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/zepto.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
simple-scrollbar.min.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/simple-scrollbar.min.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
MISS, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:31 GMT
server
keycdn-engine
etag
W/"6093454f-10a7"
vary
Accept-Encoding
x-handle
0-1
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/simple-scrollbar.min.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
usi.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/usi.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ea42d4bfc86d8174b8d820351d394cb25e53471cce42e6723435a8604575e348

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
MISS, HIT
x-shield
active
last-modified
Tue, 28 Dec 2021 08:17:15 GMT
server
keycdn-engine
etag
W/"61cac80b-3160"
vary
Accept-Encoding
x-handle
0-1
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/usi.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
eclick_logo.png
static.eclick.vn/delivery/css/images/graphics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.eclick.vn/delivery/css/images/graphics/eclick_logo.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.131 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_46 /
Resource Hash
28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:49 GMT
last-modified
Tue, 28 Apr 2020 05:02:00 GMT
server
FPT-static_eclick_141_46
etag
"5ea7b8c8-76a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1898
expires
Tue, 08 Feb 2022 01:35:49 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-50285069-28&cid=1608223899.1641692148&jid=1743168971&_u=aGDAgEADQAAAAE~&z=1586090763
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-50285069-28&cid=1608223899.1641692148&jid=1743168971&_u=aGDAgEADQAAAAE~&z=1586090763
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TEXT10801min-1641661988-4617-1641662085.gif
vcdn1-vnexpress.vnecdn.net/2022/01/09/ 		93 KB
94 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vcdn1-vnexpress.vnecdn.net/2022/01/09/TEXT10801min-1641661988-4617-1641662085.gif?w=120&h=72&q=100&dpr=2&fit=crop&s=VjctxkqNIbPOEkLLvJcZpw&t=video
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
b725577f3fb370ba9dfe56ea0ccbce05adc5dd89f46edd8c7725876bab2b4bce

Request headers

Referer
https://vnexpress.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
Content-Range
bytes 0-95207/95208
x-envoy-upstream-service-time
351
Content-Length
95208
x-shield
active
last-modified
Sat, 08 Jan 2022 17:15:16 GMT
server
keycdn-engine
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://i1-vnexpress.vnecdn.net/2022/01/09/TEXT10801min-1641661988-4617-1641662085.gif?w=120&h=72&q=100&dpr=2&fit=crop&s=VjctxkqNIbPOEkLLvJcZpw&t=video>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
viettrinhtop-1641634589-7226-1641635730.jpg
vcdn1-giaitri.vnecdn.net/2022/01/08/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-giaitri.vnecdn.net/2022/01/08/viettrinhtop-1641634589-7226-1641635730.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=xAH6uaDBAKnXXwA9o_ak3g
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0498a92fe380cd854e3186f0fbf5d85938ce21e1adff5b037de30c3392166ca7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:49 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
25
content-length
48518
x-shield
active
last-modified
Sat, 08 Jan 2022 09:55:38 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-giaitri.vnecdn.net/2022/01/08/viettrinhtop-1641634589-7226-1641635730.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=xAH6uaDBAKnXXwA9o_ak3g>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:49 GMT
djokovic-jpeg-1641667735-8933-1641667746.jpg
vcdn1-thethao.vnecdn.net/2022/01/09/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-thethao.vnecdn.net/2022/01/09/djokovic-jpeg-1641667735-8933-1641667746.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=t_WcQ-gt9u38VY2bZQTW9A
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
bdfc8159c46abb3d63a9c2599eaf2176c4ef0170902940629700d957cc25e2cc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
32
content-length
13818
x-shield
active
last-modified
Sat, 08 Jan 2022 18:49:13 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-thethao.vnecdn.net/2022/01/09/djokovic-jpeg-1641667735-8933-1641667746.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=t_WcQ-gt9u38VY2bZQTW9A>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
furnaslakebrazil2-1641685983-4380-1641686084.jpg
vcdn1-vnexpress.vnecdn.net/2022/01/09/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2022/01/09/furnaslakebrazil2-1641685983-4380-1641686084.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=IXEEyBEVA1EGYW0ed3UsIQ
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
75768a8bb8162c55400d7595eba3314d9ce100c750e6acdf58f6f99505b66388

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
41
content-length
30574
x-shield
active
last-modified
Sat, 08 Jan 2022 23:54:51 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-vnexpress.vnecdn.net/2022/01/09/furnaslakebrazil2-1641685983-4380-1641686084.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=IXEEyBEVA1EGYW0ed3UsIQ>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
2U3B4LQROFPSVD2XA762TIL4EY-164-4738-2977-1641619319.jpg
vcdn1-vnexpress.vnecdn.net/2022/01/08/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-vnexpress.vnecdn.net/2022/01/08/2U3B4LQROFPSVD2XA762TIL4EY-164-4738-2977-1641619319.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=B2ED-xqlceau4DexhPFpUg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
131ce7ab02169dfcd1692aa7e0e966a287efb21a0cf69e6bfafb991b5f3c0c84

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
33
content-length
55949
x-shield
active
last-modified
Sat, 08 Jan 2022 05:22:06 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-vnexpress.vnecdn.net/2022/01/08/2U3B4LQROFPSVD2XA762TIL4EY-164-4738-2977-1641619319.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=B2ED-xqlceau4DexhPFpUg>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
a4-6061-1607605862-6461-164154-8205-8440-1641676051.jpg
vcdn1-giadinh.vnecdn.net/2022/01/09/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-giadinh.vnecdn.net/2022/01/09/a4-6061-1607605862-6461-164154-8205-8440-1641676051.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=aOVZoT6U6N6OWDlGTB2VIw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5068333f48c5c362b06d11ef205aeb375dd381374508a886ef91a4fb782beea4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:49 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
22
content-length
19307
x-shield
active
last-modified
Sat, 08 Jan 2022 21:07:35 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-giadinh.vnecdn.net/2022/01/09/a4-6061-1607605862-6461-164154-8205-8440-1641676051.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=aOVZoT6U6N6OWDlGTB2VIw>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:49 GMT
NewProject19-1641680382-3281-1641680636.jpg
vcdn1-thethao.vnecdn.net/2022/01/09/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-thethao.vnecdn.net/2022/01/09/NewProject19-1641680382-3281-1641680636.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=7ZmkbIFCYCMG8EELK4Pwtw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ecce53a5cb5d1e6096c2a947036eaf2783eafa94bebe62101d43873c50a5091f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
33
content-length
47820
x-shield
active
last-modified
Sat, 08 Jan 2022 22:24:03 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-thethao.vnecdn.net/2022/01/09/NewProject19-1641680382-3281-1641680636.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=7ZmkbIFCYCMG8EELK4Pwtw>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
video.lib.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/ 		461 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/video.lib.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:27 GMT
server
keycdn-engine
etag
W/"6093454b-73376"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v2/helper/vod/video.lib.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
covid.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
dba05ea6b33731e31b92093b3834a81ee17c9451af684b07f362706a714d086c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Fri, 07 Jan 2022 10:12:20 GMT
server
keycdn-engine
etag
W/"61d81204-bb29"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
home
vnexpress.net/microservice/ 		418 KB
68 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/home
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
6acd6dac0a641eb4f928fc909199694c26593cb36f37d3271a7928faf8a92749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
877whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
th
gw.vnexpress.net/ 		49 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gw.vnexpress.net/th?types=gia_vang_v2,ty_gia_vcb,data_shop_v2_home_vne_160,data_egift,data_shop_v2_home,rao_vat_v2,ewiki,bank_rate_offline,bank_rate_online
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-ams_global_139_54 /
Resource Hash
c3ce68e93681c6d2b8f00bd22f56eb7e42390dcc263d289fdafa470b5ba233e2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:49 GMT
content-encoding
gzip
server
FPT-ams_global_139_54
x-kong-server
kong_api_139_55
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
via
kong/1.2.1
fixture
gw.vnexpress.net/football/ 		1 MB
62 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gw.vnexpress.net/football/fixture?league_id=3431,3456,3506,3510,3513,3576,3632,
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-ams_global_139_54 /
Resource Hash
19d5e28429abd18e9ff50cc8094752148e0792d8d6d61a0ef636af5a43c27296

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:49 GMT
content-encoding
gzip
server
FPT-ams_global_139_54
x-kong-server
kong_api_139_55
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
via
kong/1.2.1
4245034
vnexpress.net/microservice/getconsultants/aid/ 		21 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/getconsultants/aid/4245034
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/1000000.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
ad565e2f8e21ff4525bdccc71754b1b648bb8cc8af075e7e6c39a1091a045cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
877whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
/
usi-saas.vnexpress.net/widget/index/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usi-saas.vnexpress.net/widget/index/?cid=4413905-1;4413829-1;4413733-1;4413728-1;4413912-1;4413908-1;4413479-1;4413919-1;4413926-1;4413662-1;4413403-1;4413921-1;4407851-1;4413928-1;4413525-1;4413883-1;4413904-1;4413843-1;4413835-1;4413791-1;4413657-1;4413747-1;4413858-1;4413854-1;4413828-1;4413841-1;4413773-1&
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/usi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.248.197 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
10077inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash
3db5e1dcb72170045dda5facfd0bd30c250e8fe5a8af24d7b9d0857c2bb28ec0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
cache-control
max-age=30
last-modified
Sun, 09 Jan 2022 01:35:43 GMT
server
10077inhcdd10bf7c7468e873e79ba2ad134
etag
"T6NHF0pjDuXwCer28NBIbQ=="
content-length
1277
content-type
text/javascript; charset=utf-8
myvne_users_redesign.js
s1cdn.vnecdn.net/myvne/j/v39/ 		54 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/myvne/j/v39/myvne_users_redesign.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
12d1593f964495e00918aecf80797b71bf873d4586ee9701fe947840e52b980e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 06 Jan 2022 09:20:21 GMT
server
keycdn-engine
etag
W/"61d6b455-d876"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/myvne/j/v39/myvne_users_redesign.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
e5d5637e-fb4b-4333-97cc-8c5b317b4c0b
https://vnexpress.net/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://vnexpress.net/e5d5637e-fb4b-4333-97cc-8c5b317b4c0b
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
box-covid-2021.css
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/css/box-covid-2021.css
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5e93dd31ec4880cad2911b0980e3b1a6e98dedc059f32351df363569f7b6c057

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Fri, 07 Jan 2022 10:12:20 GMT
server
keycdn-engine
etag
W/"61d81204-60ba"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/css/box-covid-2021.css>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
covid19_2021_by_location
vnexpress.net/microservice/sheet/type/ 		74 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/sheet/type/covid19_2021_by_location
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
8f74d59a2aa95f605cfd9c544fab5756d37dbc3dd77facf19aada9111ad8c31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
877whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
covid19_2021_by_day
vnexpress.net/microservice/sheet/type/ 		131 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/sheet/type/covid19_2021_by_day
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
f92ab0cdaf056935d8f01176f142f6900f43291805ffa9dff8476ea71f9d66ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
877whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
v-type
1
x-xss-protection
1; mode=block
v-cache
VNE4
covid19_daily_deaths
vnexpress.net/microservice/sheet/type/ 		163 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/sheet/type/covid19_daily_deaths
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
ee225ac83d083a3c2b7112c8ef5dab7a91d61be8b14a13fad85519af2c510b55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
877whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
v-type
1
x-xss-protection
1; mode=block
v-cache
VNE4
vaccine_data_vietnam
vnexpress.net/microservice/sheet/type/ 		57 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vnexpress.net/microservice/sheet/type/vaccine_data_vietnam
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.250.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
877whgldd10bf7c7468e873e79ba2ad139 /
Resource Hash
f2e171aab5b7ab6e474654c08c82633a31754458bfaf1179d9c849fbc8c53ca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
877whgldd10bf7c7468e873e79ba2ad139
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=60, no-cache
x-xss-protection
1; mode=block
v-cache
VNE4
jquery.magnific-popup.js
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v39/myvne_users_redesign.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7671825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10834
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed4-a302"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGSRh8pAkZEgJRE48ju35u9yT5KZliLfuQJuBk3pycsuDc6t7IyTQ1d%2FwtcA%2FHwdMTFxEvm%2FAqPNjlLvSLs1SCv8LVILrGXWcU4iyS7URadt9WfxGI2%2BU3vLHWtkBgdSpfrFAX%2BUkGD92TkkllN4AN5i"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ca9ee59aedef3e3-LHR
expires
Fri, 30 Dec 2022 01:35:48 GMT
client
accounts.google.com/gsi/ 		183 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v39/myvne_users_redesign.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22425393095a61f02cf64debbd429a4ec0be67a471cc1e1d3a118e9e5d8c5813
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jxNGLE5j4LW9jj2GL1KpiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-jxNGLE5j4LW9jj2GL1KpiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/cspreport
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Sun, 09 Jan 2022 01:35:49 GMT
jquery.magnific-popup.min.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/jquery.magnific-popup.min.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/myvne/j/v39/myvne_users_redesign.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:31 GMT
server
keycdn-engine
etag
W/"6093454f-4ef8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/jquery.magnific-popup.min.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
myvne_2019.css
s1cdn.vnecdn.net/myvne/c/v39/ls/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/myvne/c/v39/ls/myvne_2019.css
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/modules/home.defer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
26347690a42de76f183305c56c8d2544d67a6a70defc5a86164953528e306fb4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Wed, 09 Jun 2021 02:20:03 GMT
server
keycdn-engine
etag
W/"60c02553-2e60"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/myvne/c/v39/ls/myvne_2019.css>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
icon-eclick.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/images/graphics/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/images/graphics/icon-eclick.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:23:00 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/images/graphics/icon-eclick.svg>; rel="canonical"
x-edge-location
defr
etag
W/"609344f4-757"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:48 GMT
logo_vlight.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/images/graphics/ 		336 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/images/graphics/logo_vlight.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
336
x-shield
active
last-modified
Wed, 22 Sep 2021 07:54:47 GMT
server
keycdn-engine
etag
"614ae147-150"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/images/graphics/logo_vlight.svg>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
Download_Huawei.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/Download_Huawei.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
7185
x-shield
active
last-modified
Thu, 06 May 2021 01:23:20 GMT
server
keycdn-engine
etag
"60934508-1c11"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/Download_Huawei.png>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
Download_AppStore.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/Download_AppStore.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
4569
x-shield
active
last-modified
Thu, 06 May 2021 01:23:20 GMT
server
keycdn-engine
etag
"60934508-11d9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/Download_AppStore.png>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
Download_PlayStore.png
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/Download_PlayStore.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
6936
x-shield
active
last-modified
Thu, 06 May 2021 01:23:20 GMT
server
keycdn-engine
etag
"60934508-1b18"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/Download_PlayStore.png>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
qr_app.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/ 		65 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/qr_app.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:23:20 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/qr_app.svg>; rel="canonical"
x-edge-location
defr
etag
W/"60934508-104d3"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:48 GMT
qr_app_en.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/ 		68 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/qr_app_en.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:23:20 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/v2_2019/pc/graphics/qr_app_en.svg>; rel="canonical"
x-edge-location
defr
etag
W/"60934508-1110a"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:48 GMT
icon-eclick.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/icon-eclick.svg
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/general-file.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/general-file.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 01:23:00 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/icon-eclick.svg>; rel="canonical"
x-edge-location
defr
etag
W/"609344f4-757"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:48 GMT
logo_vlight.svg
s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/ 		336 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/logo_vlight.svg
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/general-file.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s1cdn.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/general-file.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
336
x-shield
active
last-modified
Wed, 22 Sep 2021 07:54:47 GMT
server
keycdn-engine
etag
"614ae147-150"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/c/v1007/v2_2019/pc/images/graphics/logo_vlight.svg>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
adsbyeclick.js
scdn.eclick.vn/delivery/asset/328045369/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scdn.eclick.vn/delivery/asset/328045369/adsbyeclick.js
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/eclick.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a9f282cc3f6609997b455eb886a43d098b81c9cf0478e284f3fdf1df0f584931

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 02:34:37 GMT
server
keycdn-engine
link
<http://s.eclick.vn/delivery/asset/328045369/adsbyeclick.js>; rel="canonical"
x-edge-location
defr
etag
W/"61c3e03d-621f"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-shield
active
expires
Sun, 09 Jan 2022 02:35:48 GMT
/
usi-saas.vnexpress.net/widget/index/ 		948 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usi-saas.vnexpress.net/widget/index/?cid=4413759-1;4412396-1;4413448-1;4413779-1;4413751-1;4413929-1;4413927-1;4413911-1;4413920-1;4413922-1;4412152-3;4412906-1;4413792-3;4413249-3;4413698-1;4413895-1;4413858-1;4413499-1;4412486-1;4413745-1&
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/usi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.248.197 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
10077inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash
e0d6303562cdf510524eecf2e39431c0e15800ab6ef20b116ee974b2606baf96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
cache-control
max-age=30
last-modified
Sun, 09 Jan 2022 01:35:43 GMT
server
10077inhcdd10bf7c7468e873e79ba2ad134
etag
"zvO/MCd8alPlg7DCgSyWdA=="
content-length
948
content-type
text/javascript; charset=utf-8
e-cooking.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/cooking/pc/graphics/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/cooking/pc/graphics/e-cooking.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
58c1655edec242ddc2a55d055b02bb32f38b9d1b5bf139d3c050443a05213533

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 02:34:10 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/cooking/pc/graphics/e-cooking.svg>; rel="canonical"
x-edge-location
defr
etag
W/"60e512a2-13e9"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:48 GMT
syncuser
adp.vnecdn.net/ 		110 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adp.vnecdn.net/syncuser?fosp_aid=0c4k3lhxtzag0cpl.1641692148.des&orig_aid=0c4k3lhxtzag0cpl.1641692148.des&myvne_user_id=0
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ea3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.225 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
dbdc1ca1234084664d9c637a4db4faa0477468b728b41fa1fd21e83d4d1606a5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 09 Jan 2022 08:35:49 GMT
Server
nginx/1.12.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vnexpress.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
device_model_min.js
la2.vnecdn.net/static/ 		614 KB
614 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://la2.vnecdn.net/static/device_model_min.js
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ea3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FT /
Resource Hash
c9d8c7dcab8308ee345a4cfbe7d52daa42865bf345de17bdb8e89b6450cbaddb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:50 GMT
Last-Modified
Thu, 01 Jul 2021 18:25:29 GMT
Server
FT
ETag
"60de0899-997a5"
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
628645
Expires
Sun, 09 Jan 2022 01:50:50 GMT
get
la.vnecdn.net/ 		261 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://la.vnecdn.net/get?action_name=vnexpress.net%2FVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&idsite=6&rec=1&r=181558&h=1&m=35&s=48&url=https%3A%2F%2Fvnexpress.net%2F&urlref=https%3A%2F%2Fvnexpress.net%2F&_id=f86e4c8d78d892fd&_idts=1641692149&_idvc=1&_idn=1&_refts=0&_viewts=1641692149&cvar=%7B%222%22%3A%5B%22tt_category_id%22%2C%221000000%22%5D%2C%223%22%3A%5B%22tt_article_id%22%2C%221000000%22%5D%2C%226%22%3A%5B%22keyword%22%2C%22VnExpress%2C%20tin%20t%E1%BB%A9c%2C%20tin%20the%20gioi%2C%20tin%20nhanh%2C%20tin%20tuc%20viet%20nam%2C%20doc%20bao%20VnExpress%20tin%20t%E1%BB%A9c%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20-%20Th%C3%B4ng%20tin%20nhanh%20%26%20ch%C3%ADnh%20x%C3%A1c%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%ADp%20nh%E1%BA%ADt%20h%C3%A0ng%20gi%E1%BB%9D.%20%C4%90%E1%BB%8Dc%20b%C3%A1o%20tin%20t%E1%BB%A9c%20online%20Vi%E1%BB%87t%20Nam%20%26%20Th%E1%BA%BF%20gi%E1%BB%9Bi%20n%C3%B3ng%20%22%5D%7D&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22null%22%5D%2C%225%22%3A%5B%22CPMS_LOG%22%2C%22null%22%5D%2C%227%22%3A%5B%22fosp_aid_bk%22%2C%220c4k3lhxtzag0cpl.1641692148.des%22%5D%7D&gt_ms=509&fosp_id=null
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ea3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.141.233 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
/
Resource Hash
b7ba116e26726a9e294d974c8f9e8b8e8a795ca792a4ec7e5e40f133f727ae09

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/javascript
Content-Length
261
P3P
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE IND PHY ONL COM NAV OTC NOI DSP COR IDC'
iplookup
g.eclick.vn/ 		288 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.eclick.vn/iplookup
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ea3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.224 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
a71dbe9204573bf9cc60a9ccc52e007afd06efbed70525b8550b2df599248bf4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx/1.12.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vnexpress.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
fopt.js
adp.vnecdn.net/ 		139 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adp.vnecdn.net/fopt.js?aid=0c4k3lhxtzag0cpl.1641692148.des
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ea3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.225 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
dca99a88ee38089f3e3c181d0d93a980c03bbca7f0d5e6b1784d7ccefba29de8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 09 Jan 2022 08:35:49 GMT
Server
nginx/1.12.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=7200, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Expires
Sun, 09 Jan 2022 11:35:49 GMT
bad.js
s.eclick.vn/ 		17 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/bad.js
Requested by
Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ea3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_36 /
Resource Hash
ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
last-modified
Sun, 09 Aug 2020 14:01:42 GMT
server
FPT-static_eclick_141_36
etag
W/"5f3001c6-11"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
expires
Mon, 10 Jan 2022 01:35:48 GMT
get
la2.vnecdn.net/ 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://la2.vnecdn.net/get?app_id=100&ss_id=4234516&pg_id=0aa260e0f5b385085ded837a3667b49c&site_id=1000000&page_type=1&idsite=1000000&type=site&fid=1000000&show_id=&aid=1000000&fosp_aid=0c4k3lhxtzag0cpl.1641692148.des&orig_aid=0c4k3lhxtzag0cpl.1641692148.des&fosp_country=null&fosp_gender=null&fosp_ip=null&fosp_isp=null&fosp_zone=null&fosp_location=null&adblock=0&myvne_user_id=0&referrer=https%3A%2F%2Fvnexpress.net%2F&url=https%3A%2F%2Fvnexpress.net%2F&publication=&author=&article_type=&wordcount=&list_folder=1000000&vn_aid=&vn_source=&vn_medium=&vn_campaign=&vn_term=&vn_content=&utm_source=&utm_medium=&utm_campaign=&utm_term=&utm_content=&index_topic=0&index_format=0&index_type=&dm=&r=0.11625673412553916&v=0813&action=pv
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FT /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 09 Jan 2022 01:35:50 GMT
Cache-Control
no-cache
Server
FT
Connection
keep-alive
Expires
Sun, 09 Jan 2022 01:35:49 GMT
DJI-0165-7451-1641615126.jpg
vcdn1-kinhdoanh.vnecdn.net/2022/01/08/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-kinhdoanh.vnecdn.net/2022/01/08/DJI-0165-7451-1641615126.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=dyAM3THbcC7T-hvSPcXb6A
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e3ebbd72dc5a64020eebe20eb1e0cdb6942e65cc16c508dbb093ad24642253b3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:49 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
259
content-length
73719
x-shield
active
last-modified
Sat, 08 Jan 2022 04:12:18 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-kinhdoanh.vnecdn.net/2022/01/08/DJI-0165-7451-1641615126.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=dyAM3THbcC7T-hvSPcXb6A>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:49 GMT
real-madrid-jpeg-1641685802-3617-1641685844.jpg
vcdn1-thethao.vnecdn.net/2022/01/09/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-thethao.vnecdn.net/2022/01/09/real-madrid-jpeg-1641685802-3617-1641685844.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=frPh7limcRQ33UtSr-kO5A
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ddd1f79e84456dddc8cfb150f3fd8a1517d225e60c4466c9cba261f082ba5c94

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
29
content-length
51090
x-shield
active
last-modified
Sat, 08 Jan 2022 23:50:48 GMT
server
keycdn-engine
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-thethao.vnecdn.net/2022/01/09/real-madrid-jpeg-1641685802-3617-1641685844.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=frPh7limcRQ33UtSr-kO5A>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
img-0089-1641637538-1641637552.png
vcdn1-giaitri.vnecdn.net/2022/01/08/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn1-giaitri.vnecdn.net/2022/01/08/img-0089-1641637538-1641637552.png?w=380&h=228&q=100&dpr=1&fit=crop&s=bbqMa3bt76agPoR0Gy-6Tg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
352f527606896b074d27bade73ab90f352c835345384728abf5207ef5f376a4b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:49 GMT
x-edge-location
defr
x-cache
HIT, HIT
x-envoy-upstream-service-time
943
content-length
86496
x-shield
active
last-modified
Sat, 08 Jan 2022 10:26:43 GMT
server
keycdn-engine
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://i1-giaitri.vnecdn.net/2022/01/08/img-0089-1641637538-1641637552.png?w=380&h=228&q=100&dpr=1&fit=crop&s=bbqMa3bt76agPoR0Gy-6Tg>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:49 GMT
swiper.min.js
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/ 		122 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/swiper.min.js
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ca2e313c4d7f075f05e0175473fd193d50b280a0e45677d9e431782a6588a8f5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
x-edge-location
defr
x-cache
HIT, HIT
x-shield
active
last-modified
Thu, 06 May 2021 01:24:31 GMT
server
keycdn-engine
etag
W/"6093454f-1e949"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/libs/swiper.min.js>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
get_basic
gw.vnexpress.net/ar/ 		103 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.vnexpress.net/ar/get_basic?article_id=4231640&data_select=publish_time
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-ams_global_139_54 /
Resource Hash
1f4ee3ed255e8b3a7fe57f83d12f14107b8d6f83011c776d77a8b6fae3912391

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:49 GMT
content-encoding
gzip
server
FPT-ams_global_139_54
x-kong-server
kong_api_139_55
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
via
kong/1.2.1
get_rule_2
gw.vnexpress.net/ar/ 		708 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.vnexpress.net/ar/get_rule_2?category_id=1005023&limit=3&page=1&&data_select=title,share_url
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/widget/covid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-ams_global_139_54 /
Resource Hash
fcbcb21e1a60ef25b4cabb68547bab840d50ef0ffcf6b8680d1a90081648737f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:49 GMT
content-encoding
gzip
server
FPT-ams_global_139_54
x-kong-server
kong_api_139_55
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
via
kong/1.2.1
dotted.svg
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/dotted.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c541888c9497913d5428327a0bc0886290a263284bb7e11d1bcee7733be15304

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:48 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
771
x-shield
active
last-modified
Mon, 27 Sep 2021 03:26:56 GMT
server
keycdn-engine
etag
"61513a00-303"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/dotted.svg>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:48 GMT
eclookup.html
g.eclick.vn/delivery/ Frame 3FEB 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g.eclick.vn/delivery/eclookup.html?fosp_aid=0c4k3lhxtzag0cpl.1641692148.des&orig_aid=0c4k3lhxtzag0cpl.1641692148.des&myvne_user_id=0
Requested by
Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/asset/328045369/adsbyeclick.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.224 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

Server
nginx/1.12.2
Date
Sun, 09 Jan 2022 01:35:49 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
sync_retar.html
s.eclick.vn/delivery/ Frame 30DA 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/sync_retar.html
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_36 /
Resource Hash
faf26da8f02338afdb69220c7abfe43a28d02680cdca0d7c50a7d08d4a309572

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:35:49 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 30 Aug 2021 06:37:54 GMT
etag
W/"612c7cc2-127c"
expires
Mon, 10 Jan 2022 01:35:49 GMT
cache-control
max-age=86400
server
FPT-static_eclick_141_36
content-encoding
gzip
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:50 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:49 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.5.0&cb=3663696194
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:35:48 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
hb
cpm.unibots.in/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.unibots.in/hb?zone=148094&v=1.6
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:49 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
0
prebid
ib.adnxs.com/ut/v3/ 		91 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
23d8d2b1e410c2c805de36cd3970bdf3c91718a71ae3e5ca29a017365274b367
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 09 Jan 2022 01:35:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
602e5805-7c47-4fe8-a580-a88c8dae3ef6
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5
  • https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=79b889e9-70ec-11ec-a818-1a7cb9e30406
0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=79b889e9-70ec-11ec-a818-1a7cb9e30406
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sun, 09 Jan 2022 01:35:49 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
76
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sun, 09 Jan 2022 01:35:49 GMT
Server
nginx
Location
/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=79b889e9-70ec-11ec-a818-1a7cb9e30406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
22
Connection
keep-alive
Content-Length
0
style
accounts.google.com/gsi/ 		658 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.fxvjQx0JT_k.O/am=4iI/d=1/rs=AF0KOtUCngnykR-SPm5-NrWeb-JZpa_olA/m=gis_client_library
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98089a1caaeab7cde0df23540e16fb5e3fe46c07819c23fb63c0854a64381260
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uH5xhvPzMIpvJxMsRD9dIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-uH5xhvPzMIpvJxMsRD9dIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/cspreport
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Sun, 09 Jan 2022 01:35:49 GMT
sync_user
octopus-stream01-cads.fpt.vn/analytics/ 		51 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=6d2ec573-3fdc-44d6-9a22-e69d85ff7d5f
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.55.119.42 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
0451d35fb7064408e50d3d922d9a9429e0eef70eea7af65463c444991438837f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:50 GMT
access-control-allow-credentials
true
server
nginx
content-length
51
content-type
application/json
sync_user
octopus-stream01-cads.fpt.vn/analytics/ 		51 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/sync_user?fpt_uuid=6d2ec573-3fdc-44d6-9a22-e69d85ff7d5f
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.55.119.42 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
0451d35fb7064408e50d3d922d9a9429e0eef70eea7af65463c444991438837f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:50 GMT
access-control-allow-credentials
true
server
nginx
content-length
51
content-type
application/json
p
octopus-stream01-cads.fpt.vn/analytics/ 		17 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://octopus-stream01-cads.fpt.vn/analytics/p
Requested by
Host: octopus-stream01-cads.fpt.vn
URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.55.119.42 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
nginx /
Resource Hash
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:35:50 GMT
server
nginx
content-type
application/octet-stream
noun_heal.svg
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/noun_heal.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
9fef10f19ecd21e2bd95af1dd2dd525fc8f1fcbca16328dba520672d7f0f3ec3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 03:26:56 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/noun_heal.svg>; rel="canonical"
x-edge-location
defr
etag
W/"61513a00-745"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:50 GMT
help.svg
s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/ 		827 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/help.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c08cce165711c7d45255dee5fa18185b0ac36b0a19ba14629f9e67c192a2fe3a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:50 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
827
x-shield
active
last-modified
Mon, 27 Sep 2021 03:26:56 GMT
server
keycdn-engine
etag
"61513a00-33b"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/j/v2778/v3/helper/interactions/covid/images/graphics/help.svg>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:50 GMT
ebox_560x160.jpg
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/banner/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/banner/ebox_560x160.jpg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
728e5ff5171dc4de2704cb4d7288ee83533f2d0ee13407059bbae9b3b8a57403

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:50 GMT
x-edge-location
defr
x-cache
HIT, HIT
content-length
86917
x-shield
active
last-modified
Tue, 21 Dec 2021 05:01:43 GMT
server
keycdn-engine
etag
"61c15fb7-15385"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/banner/ebox_560x160.jpg>; rel="canonical"
expires
Mon, 09 Jan 2023 07:24:50 GMT
logo-startup.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/banner/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/banner/logo-startup.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
aaed9e48c2425016dab5bf1d7220b2553620bbd1beb6f8f662e1606901518652

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 03:46:49 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/banner/logo-startup.svg>; rel="canonical"
x-edge-location
defr
etag
W/"60d00ba9-16f2"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:50 GMT
logo-vhome.svg
s1cdn.vnecdn.net/vnexpress/restruct/i/v518/banner/ 		44 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1cdn.vnecdn.net/vnexpress/restruct/i/v518/banner/logo-vhome.svg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f01892dc1842a40a7451343fe3b46c61a74e661dfb6404ceac6d7453bd8116ac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 03:46:49 GMT
server
keycdn-engine
link
<http://s1.vnecdn.net/vnexpress/restruct/i/v518/banner/logo-vhome.svg>; rel="canonical"
x-edge-location
defr
etag
W/"60d00ba9-aeac"
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
access-control-allow-credentials
true
x-shield
active
expires
Mon, 09 Jan 2023 07:24:50 GMT
publishertag.prebid.116.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.116.js
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:13 GMT
server
nginx
etag
W/"618cb9a1-14b33"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Jan 2022 01:35:50 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1481193655214018&correlator=874531523966759&output=ldjh&impl=fifs&eid=31060437%2C31063820%2C31063942%2C31063978&vrg=2022010405&ptt=17&sc=1&sfv=1-0-38&ecs=20220109&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CMasthead%2CHome%2CLarge1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F4&prev_iu_szs=320x50%7C1x1%7C728x90%7C900x225%7C970x250%7C1200x150%7C1800x180%7C1920x270%2C320x50%7C1x1%7C300x500%7C300x450&fluid=height%2Cheight&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D523e00e9e16b19b%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D523e00e9e16b19b%26hb_bidder%3Dappnexus%7Chb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D5346f4b69044806%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.00%26hb_adid%3D5346f4b69044806%26hb_bidder%3Dappnexus&eri=1&cust_params=article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D7%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1641692150&dt=1641692150409&dlt=1641692147458&idt=773&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C1050&adys=-9%2C392&adks=1832943895%2C1680299014&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C300x0&msz=0x-1%7C300x0&ga_vid=1608223899.1641692148&ga_sid=1641692150&ga_hid=1450268577&ga_fc=true&ga_cid=1499767020.1641692148&fws=2%2C4&ohw=0%2C300&btvi=-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
974b5e57829ebe7517f2d8e644944e6a0c9a6a41caac0b4757af046796fca1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25928
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2579 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 09 Jan 2022 01:35:50 GMT
expires
Mon, 09 Jan 2023 01:35:50 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1481193655214018&correlator=2517503964063523&output=ldjh&impl=fifs&eid=31060437%2C31063820%2C31063942%2C31063978&vrg=2022010405&ptt=17&sc=1&sfv=1-0-38&ecs=20220109&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CLarge2%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C300x250%7C300x300%7C300x500%7C300x540%7C300x600&fluid=height&eri=1&cust_params=article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D7%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1641692150&dt=1641692150431&dlt=1641692147458&idt=773&frm=20&biw=1600&bih=1200&oid=2&adxs=1010&adys=3932&adks=4260787118&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x250&ga_vid=1608223899.1641692148&ga_sid=1641692150&ga_hid=1450268577&ga_fc=true&ga_cid=1499767020.1641692148&fws=516&ohw=340&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
6c806ff0c2c266919331226af5f7f8817a55db94135e4d9c6eb5233b5479c0fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
174966
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11585
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
340654
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1481193655214018&correlator=1415394741147125&output=ldjh&impl=fifs&eid=31060437%2C31063820%2C31063942%2C31063978&vrg=2022010405&ptt=17&sc=1&sfv=1-0-38&ecs=20220109&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CRichmedia%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1&fluid=height&eri=1&cust_params=article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D7%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1641692150&dt=1641692150434&dlt=1641692147458&idt=773&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=4380&adks=3988550624&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=1608223899.1641692148&ga_sid=1641692150&ga_hid=1450268577&ga_fc=true&ga_cid=1499767020.1641692148&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
712968975168b8cbc7ac9f09957bb09151e3342766b19a6f0eeb64c12261aa84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9062
x-xss-protection
0
google-lineitem-id
5632170936
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138341523710
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B3A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAtmBvyKz0YwbdSpE3nv-dRu4BxKlhI9bkV51aiw-PoFosw79Wqv8nQBs3FBhhYOjfb_YrqkEda3ZpM45JNRgOALS5rRMFL_BVWDlEu8GLAhFiE8qeTl3L2NqWtbIQSWxHuTTc1gK2NuMxUrzwp0mNkKMgrS9MRnhzuJ0mCaws5X6kzAP3PIx5ycIEL9GSYnaeg2970X5l4Y_nos4hpURzfjL5FIprAMnNVJ2R0lWGvvnAeoqybflDSr--0TvIV3EFWJRd2Icq2t-rbe4vH8gPQs7o73UHvVZvdKzFLysiHhXKL3Izzgf_TYK00QifvlNTimXN-k70aLfYxvSxLSlgRL4&sai=AMfl-YRbpdMFZR2nHmq0IpweUDmNEwQkwF99micv0WuzgkrSJ4E_L1Jjaz-k_WKiLBYDPSn6_gVVo_fh0L4m-3dVBw2JD25nKBcQ_TzRlT8o_cjv5YIE4iS-1T8DHKHrz4c4&sig=Cg0ArKJSzKuGyAw9PzFFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 09 Jan 2022 01:35:50 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B3A2 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
d55fbdab3fe95121adf9d97bc21664eed34c7e18630466c2fe980134fcaa6aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27015
x-xss-protection
0
server
sffe
etag
"1096 / 800 of 1000 / last-modified: 1641462274"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Jan 2022 01:35:50 GMT
analytics.js
www.google-analytics.com/ Frame B3A2 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2084
date
Sun, 09 Jan 2022 01:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 09 Jan 2022 03:01:06 GMT
optimizes.js
optimize.urekamedia.com/ Frame B3A2 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optimize.urekamedia.com/optimizes.js?m=1874508&apnx_segment=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.212.217.26 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
nginx/1.21.5 / PHP/5.6.40
Resource Hash
4f38ea14d699d962c55ee1ce85eeac459f2f4756218770110383c293179e8d27

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:51 GMT
Server
nginx/1.21.5
X-Powered-By
PHP/5.6.40
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Expires
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B3A2 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:50 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.116.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:43 GMT
server
nginx
etag
W/"61cc54f3-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Jan 2022 01:35:50 GMT
collect
www.google-analytics.com/j/ Frame B3A2 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=807836465&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1x1&je=0&_u=AACAAEABAAAAAC~&jid=1666975658&gjid=1168128557&cid=1608223899.1641692148&tid=UA-44808995-10&_gid=1499767020.1641692148&_r=1&_slc=1&z=1435653226
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame B3A2 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Jan 2022 01:35:50 GMT
truncated
/ Frame B3A2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6029aeb04639f2f1c95b229ab7b15bb97d5e3d02d1a25cb9b9a33ce335a79bb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
usi-saas.vnexpress.net/widget/index/ 		708 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usi-saas.vnexpress.net/widget/index/?cid=4413916-1;4413833-3;4412843-10;4413760-1;4413796-1;4413673-1;4413657-1;4413827-4;4413658-1;4413660-1;4413852-1;4413552-1;4413823-1;4413841-1;4413795-1&
Requested by
Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/usi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.248.197 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
10077inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash
dbf0b31a8fc3efe0a793c47bc87155a4e9ecfa30ba888037c7a52406ec0a4555

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
cache-control
max-age=30
last-modified
Sun, 09 Jan 2022 01:35:42 GMT
server
10077inhcdd10bf7c7468e873e79ba2ad134
etag
"H+wNuTHiJBhTPrpMZO2vkQ=="
content-length
708
content-type
text/javascript; charset=utf-8
541.png
is.vnecdn.net/objects/teams/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/541.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:44 GMT
etag
"5ffd059c-56ff"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
22271
expires
Tue, 10 Jan 2023 01:35:52 GMT
532.png
is.vnecdn.net/objects/teams/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/532.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
0b0e0e740896849589bc2dee5dcd6bf235afc5df25ce9b69fa4a4c439a6f871e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:13:00 GMT
etag
"5ffd05ac-3622"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
13858
expires
Tue, 10 Jan 2023 01:35:52 GMT
715.png
is.vnecdn.net/objects/teams/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/715.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
74eae7469f8e473db0ac9facc0ae2d5d9ae5d58b2a5d37fc9174014db52b3e9a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:47 GMT
etag
"5ffd059f-1cea"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
7402
expires
Tue, 10 Jan 2023 01:35:52 GMT
529.png
is.vnecdn.net/objects/teams/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/529.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
921329187f251f77c4eeaf04ff2f3189cff526837179ccad6b898304fe14e52e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:46 GMT
etag
"5ffd059e-3045"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
12357
expires
Tue, 10 Jan 2023 01:35:52 GMT
517.png
is.vnecdn.net/objects/teams/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/517.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
0866b3367e187eb86aa7f9579b0857e51217a7918c2c692178e24ae8e029cddc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Wed, 21 Jul 2021 02:59:56 GMT
etag
"60f78dac-b36d"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
45933
expires
Tue, 10 Jan 2023 01:35:52 GMT
489.png
is.vnecdn.net/objects/teams/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/489.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
dcceb506e62c750ec2bcd05e867bfb452f95f8b6bdbbcf2def1a852316070e5d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:13:59 GMT
etag
"5ffd05e7-315b"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
12635
expires
Tue, 10 Jan 2023 01:35:52 GMT
497.png
is.vnecdn.net/objects/teams/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/497.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
12e06f1d23fe8f22ded1744d57ad7bac5fa202359cfc6a641474adfb1e304634

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:14:00 GMT
etag
"5ffd05e8-3b04"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
15108
expires
Tue, 10 Jan 2023 01:35:52 GMT
496.png
is.vnecdn.net/objects/teams/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/496.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
265922c97de2cd81f57e8771dbebe35d934423afe090f960132cd0483d8d12a8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:14:04 GMT
etag
"5ffd05ec-dd3"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3539
expires
Tue, 10 Jan 2023 01:35:52 GMT
80.png
is.vnecdn.net/objects/teams/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/80.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
354c7ad368a99b59e813f43035079c19138b4792f0bfff31b08f8271bd198da0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:13:30 GMT
etag
"5ffd05ca-31fe"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
12798
expires
Tue, 10 Jan 2023 01:35:52 GMT
85.png
is.vnecdn.net/objects/teams/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/85.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
ca6329d951be61f37f8e1267de5845600a9640d9a354e018caa32222408e6333

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:13:33 GMT
etag
"5ffd05cd-750a"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
29962
expires
Tue, 10 Jan 2023 01:35:52 GMT
505.png
is.vnecdn.net/objects/teams/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/505.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
fad4494b6752b2c24e0d25b2234ffe7901e317c425e5e50ab6e90002292e2518

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:14:01 GMT
etag
"5ffd05e9-27ea"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
10218
expires
Tue, 10 Jan 2023 01:35:52 GMT
487.png
is.vnecdn.net/objects/teams/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/487.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
9e8fc4c8e13a101ff6dc68c7e9e595e8315aa37cde1fb9d5d515a8fd1247d03f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:13:58 GMT
etag
"5ffd05e6-2225"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
8741
expires
Tue, 10 Jan 2023 01:35:52 GMT
533.png
is.vnecdn.net/objects/teams/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/533.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
b5012a41584b9d2f7a4e842240d4678af6f7f92f3661ef06dcacd35ab674f38b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:48 GMT
etag
"5ffd05a0-45a4"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
17828
expires
Tue, 10 Jan 2023 01:35:52 GMT
530.png
is.vnecdn.net/objects/teams/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/530.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
72c24d7d5607ba05f79991c4b2da9e2f46e89cef8ab2f5bc868d64e3f0edefbb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:41 GMT
etag
"5ffd0599-1663"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5731
expires
Tue, 10 Jan 2023 01:35:52 GMT
50.png
is.vnecdn.net/objects/teams/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/50.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
090f6609ab46ca56313d8ddf62ef2185fed4846b2271b77f5f5f95af5cda24dc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:26 GMT
etag
"5ffd058a-2b70"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
11120
expires
Tue, 10 Jan 2023 01:35:52 GMT
49.png
is.vnecdn.net/objects/teams/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/49.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
a4353df0d45673ae0685be75ad1345ad25b4786d92775932761d45bd21175e47

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:27 GMT
etag
"5ffd058b-6d9d"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
28061
expires
Tue, 10 Jan 2023 01:35:52 GMT
192.png
is.vnecdn.net/objects/teams/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/192.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
d0b10a9241e4c086107bfe4ba089a20f6ebb4752539dde021c32207c6f142e84

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:13:24 GMT
etag
"5ffd05c4-3c5a"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
15450
expires
Tue, 10 Jan 2023 01:35:52 GMT
157.png
is.vnecdn.net/objects/teams/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/157.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
fd65871333f32a3f54174f62fb06282f9dcad18926ad1aaf575f8962f17bc7d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:13:09 GMT
etag
"5ffd05b5-5ff7"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
24567
expires
Tue, 10 Jan 2023 01:35:52 GMT
66.png
is.vnecdn.net/objects/teams/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/66.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
15f20ce5969bfbd5092053b0226a2fbd8bfaaa7fad468338dec0197ef4e73f31

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:29 GMT
etag
"5ffd058d-4037"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
16439
expires
Tue, 10 Jan 2023 01:35:52 GMT
33.png
is.vnecdn.net/objects/teams/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/33.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
891522ce75d989b789bf28488295a58d5c0b41c58f2fea9b02529e824a2ad51f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:19 GMT
etag
"5ffd0583-80fb"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
33019
expires
Tue, 10 Jan 2023 01:35:52 GMT
494.png
is.vnecdn.net/objects/teams/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/494.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
2a0c48a90cafb94c2ae3394ffaf5da88121c51944bfe6effc35c65f5821d66f8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:14:13 GMT
etag
"5ffd05f5-797a"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
31098
expires
Tue, 10 Jan 2023 01:35:52 GMT
106.png
is.vnecdn.net/objects/teams/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/106.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
97aeeb355690f18f4f8ab092bf45df8e3270ce82231bde26d44c08670273896f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:13:49 GMT
etag
"5ffd05dd-40ef"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
16623
expires
Tue, 10 Jan 2023 01:35:52 GMT
40.png
is.vnecdn.net/objects/teams/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/40.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
73aadd2c014d9748e4ef42aad4b2ad4c89b249d56dda7a6e2a8fc3ccf2b932f8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:16 GMT
etag
"5ffd0580-75bc"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
30140
expires
Tue, 10 Jan 2023 01:35:52 GMT
55.png
is.vnecdn.net/objects/teams/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/55.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
48cae4cee758cced25c68bb6d0c4b1907b7a34034eafce848dba45e025f7cd3f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Wed, 21 Jul 2021 02:59:36 GMT
etag
"60f78d98-2a8f"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
10895
expires
Tue, 10 Jan 2023 01:35:52 GMT
47.png
is.vnecdn.net/objects/teams/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/47.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
8e96eb9ef662beb2cf75392ac7a99dd0d7e678a5cdc9aa7c97c81e65181804b3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:24 GMT
etag
"5ffd0588-2dd3"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
11731
expires
Tue, 10 Jan 2023 01:35:52 GMT
42.png
is.vnecdn.net/objects/teams/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/42.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
ba273b85e8fe0043c3dad252bf5f782e67e1f2b43c8339f6393e4020cb4b7123

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:12:37 GMT
etag
"5ffd0595-4993"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
18835
expires
Tue, 10 Jan 2023 01:35:52 GMT
499.png
is.vnecdn.net/objects/teams/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is.vnecdn.net/objects/teams/499.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.70 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.edm1.gatemail.vn
Software
/
Resource Hash
d3cec98d819d9286f106a4fc3079874ee7c7f2908a5de51d9722e8a528af05f7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2477casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Tue, 12 Jan 2021 02:14:07 GMT
etag
"5ffd05ef-34c9"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
13513
expires
Tue, 10 Jan 2023 01:35:52 GMT
container.html
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 75DA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 09 Jan 2022 01:35:50 GMT
expires
Mon, 09 Jan 2023 01:35:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D662 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 09 Jan 2022 01:35:50 GMT
expires
Mon, 09 Jan 2023 01:35:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.co.uk/adsid/ Frame B3A2 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B3A2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B3A2 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=96276518886897&correlator=2681517795808579&output=ldjh&impl=fif&eid=31063941%2C31063707&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220109&iu_parts=2627062%2CUreka_Supply_ov.vnexpress.net_SliderPC_1x1_230221&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3Dc7019873f4976685-22345c0318cd00a1%3AT%3D1641692150%3AS%3DALNI_MaEb8KfaDuxy-gEoXel_u468xgNUw&cdm=vnexpress.net&bc=31&abxe=1&lmt=1641692150&dt=1641692150915&dlt=1641692150594&idt=307&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=2&adxs=800&adys=4486&adks=2652662923&ucis=qzgepxhauvex&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x-1&ga_vid=1608223899.1641692148&ga_sid=1641692151&ga_hid=807836465&ga_fc=true&ga_cid=1499767020.1641692148&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
511b6ac8a9f1f7f97844af8e91b27e683efdc643cbeca89f83b2a7bc18f3ff8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8544
x-xss-protection
0
google-lineitem-id
5858027479
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138375043188
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
970bb371e797f506c00881496b4bb0e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 20A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://970bb371e797f506c00881496b4bb0e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 09 Jan 2022 01:35:50 GMT
expires
Mon, 09 Jan 2023 01:35:50 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1AB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 09 Jan 2022 01:35:50 GMT
expires
Mon, 09 Jan 2023 01:35:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 52F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQLEZ_mXTByL2hjI512_jbEzUI27OVOCYRcieLeMjcoOgAjTKLQvY1D1AdeI_UKBY34lVMKDaOnubN6AQZ0VsqfNahUG-zSO2pGs_MEiHq_suShLNk8l1tytel9Hw8hAT7-_94TcHzTUFTh8W_y-JnqhVj7T4vhn237rhTlfC3ejyWhSHIFu3WCfiMAUUgcLHTp6WBG1RcqzuIH8w4S9QRA7_c76g53gycQjkk2T6GY-sJbfTCqEtvMaHtbbSJPRHsaeVciX6YOEhqu82N6NxYI8U66w2zSbuo0AfqyTnpc30XwybGQrqK4-uP_poKvFaxoIgpUwj7WIgh-F_pW8bno1q7pBEJyFNgzw&sig=Cg0ArKJSzNpCIvAeBm0JEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ani-uk-slider-vnexpress-NoAV.js
solution.urekamedia.com/vnexpress.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress-NoAV.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b5392e14515cf694f44ed05644602c7b86ce163caab004f2a40918cbac6053c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3627
cf-polished
origSize=10258
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 14 Dec 2021 09:33:50 GMT
server
cloudflare
etag
W/"2812-5d317e304bb80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LJWipND6WGTw3d6BzOs%2Fsx4hhD1YysYIf9JzdsEQygYT4PqklaaWCdOufCe5PweOn5RRu4aUX2DAZugo7kqNHYnh%2BSVhXGYqoCk0BEPhFqQo2qA1VZ%2BhTFkiif5amhdU0iUzfLtRdsWL9P%2FKbD9ZHeyIFhJkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6ca9ee68bbf77413-LHR
cf-bgj
minify
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 52F7 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:51 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 75DA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:24:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 01:24:06 GMT
css
fonts.googleapis.com/ Frame 75DA 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 00:29:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 09 Jan 2022 01:35:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jan 2022 01:35:51 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 75DA 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Jan 2023 18:05:41 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 75DA 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Jan 2023 18:05:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 75DA 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 01:25:06 GMT
l
www.google.com/ads/measurement/ Frame 75DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSjPwO7oGIetn0a6ZSnkaN4QEhBH3mtrXYGWL6StopJBu-xPG1ZdHfuOtrpZPUbS2uERVMH
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1AB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxNfa9jvaYcCCIYvO7_UPx_aMiAieoaGuXKH56P6fA8CNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1yAEJ4AIAqAMBqgTrAU_QPVCrOTFzx5v7NnV_dpEiQ021aX0lAZAGLc-QRcocZN5mgXW7XpH-JT6kCmlYkdR2AfBQBcu0nLImVDwEydr6QzUdxeh0WFinS3PbQXF5iunU8uyeBvMiFEqsVjifAhIYGafg8sXhbC5-fLGi5wVIZaOzJ-9o6K4yBTVBXq7NRtFkiZNVl0QIaJ6_hB8tr2B99P1MuZQShVH0Dj8UxfkO_D3BQ4oIMGN4PMg2TeDVxqJdL_1rux2pxe9ZMC6S5VsGCOuEzUBKG4tKjxc-YkSZtpW_uhe_X7TNUVdx-3QwZ_wOtd8ybwmWdYTgBAGABrXzpt_yicnoNaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAcBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTE0ODEwMTk3NTQxODQ5NTUYz7MT&sigh=qND6ulgx6uE&uach_m=[UACH]&cid=CAQSPgCNIrLMT57-xEUBdBV4TSBWFeXVU1ddswYM7LX8bI0Tm9LvE3HS9EeL6AwMBSDIfpBbUl69poOBU14OW1x6GAE
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adfetch
googleads.g.doubleclick.net/pagead/ Frame C640 		85 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b9f893929f5adbb0657b06c0bbc838c5a9bf8e12cc5bb1cbef388e05d18a5bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 09 Jan 2022 01:35:51 GMT
server
cafe
content-length
31447
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 09 Jan 2022 01:35:51 GMT
cache-control
private
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 1AB5 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2d2be9c15115e6926f572ab0cdc4728a0fa5902b7769cfefedc3a6ae7d8ba4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2005
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5711
x-xss-protection
0
server
cafe
etag
14470587262799823670
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 09 Jan 2022 02:02:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 1AB5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 01:33:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1AB5 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 1AB5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 01:25:06 GMT
l
www.google.com/ads/measurement/ Frame 1AB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOyaAuYQX8nwOGfbjCMLtIzHQId1bfGJe3JqaxA68G_br1phyH0_9XnM9N99qnpFwOQvQS
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1AB5 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Jan 2023 18:05:38 GMT
v1
a5270.casalemedia.com/impression/ Frame 1AB5 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5270.casalemedia.com/impression/v1?bidID=b7bdf7b3-c97e-4dea-9e5b-0858e1e2ac28&traceID=c7d3ntjns78dhplhdni0&dspID=85&userID=&cmpro=0&ap=Ydo79gAIQUAIu-cLAAM7RyzAdqqaLmg_BwBknw
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.61.211 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:51 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1AB5 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-AuU9ZJnzJMtS8NrMBI4qhrNabt3NZdCh5Id1U-kITxLTbz2HPGmp6fXNDEWIaFUybupelOKMh_Myu_2yXeuLSJC_JAxQ&pr=13:Ydo79gAAAAD_jubyBKdHtoWkEsbicmFOXVSHkA
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D662 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxqH39jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOQBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69hnk4UVxvGBtxX5ez9niA7dOrvkMpshxEW5N2_blinuG4KJlo0zS4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTQ4MTAxOTc1NDE4NDk1NRjPsxM&sigh=0E6126SX_II&uach_m=[UACH]&cid=CAQSPwCNIrLM0aKcd5sSFitPldwQflKl4uZAt8gsN7qTS7CR4RAX3VMCXjskpDTUEvvRrFqkd8qg1Ti13BV6uMrIhRgB
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame D662 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=V47UD7j5RKwC9AOH-lcYAgAAAMBIevBXDE-VJ5ycOwj3kkD6Gn71EPU72mGYZls_z7X-xqSQsAAS&wp=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
server
Kestrel
server-processing-duration-in-ticks
159379
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5C4A 		112 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f38f76a5fccb4b20dbbbf15bc1e35ae75c1e7cb4600376e15111154635b20ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SXpES0Cnp0MyBTA3fU2MrPfiZCXb8MXQKkbyTqmUndDnelXMKqSZRD64IYxhuH2zS6aIzm3V9IIFOpRazW9hGuaHeLjYQ7xQtMQRO6IaBtnSoBwIxBxSt97ZYrzCvk5NNOb8SzqWHGnjjcJZC2zqrcrfRnYbDTyWU3sGZSWjXLRQao7nxsHYYz0tmbZi985qHyZBzKsXJ0KKygYeKqwsZvRln7qcJy5wkJIFiQ23bTyZ7UGNHM61RLK1OBcV0OALKlAIwg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
67515494
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame D662 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 01:33:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D662 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame D662 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 01:25:06 GMT
l
www.google.com/ads/measurement/ Frame D662 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNUpYgPqq1AwUcFoXcjtBno3noQiTEV4Az0cYO0wp0VuZ0v1o354Ic-a7Vh775GT0PE2PC
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D662 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Jan 2023 18:05:38 GMT
truncated
/ Frame 52F7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e95f1ba25ae50547139ef3c6fbd333228aa22581699cd62de2b7c35a13009c2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 52F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3wsTdS8r3429n-2jVRVRi8dYnsDs1g99R5k96XI6Wte_CGcXcX3EjLAmW51uhi4hCV5D_5NKLsz7Zo55CSMO0t4R7fjSVrEV0k-HFL3MP9aF_dGu9Pvo0fH_Sd8B0eDpWSk0uOa9wcSNpztuKgPIJIuLOnoETNcxRA5ML0F_oYNCI3kqGXRMoFbHdl8m2qaSrk8BIqBx6d1NtrdlVvcpXuXbyuOsA5xqvaOT3fJn-j4AlmZSl412FiEK3iSIviLzxCla7A3IKLMex1LBQqjERcSrYFN_XOjoL1QJVjDeMTzcLkV9tZ9Fm512ig1zf0sVRZMBSIZCQy2oFv6jTHsv_Pzp8lYJOqY_a1ADD&sig=Cg0ArKJSzB851uMoNKYCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 09 Jan 2022 01:35:51 GMT
player.js
player.aniview.com/script/6.1/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: solution.urekamedia.com
URL: https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress-NoAV.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
374b50037edd1f5a47a17d77ee3eac2797e508a3e7e1dc4ee0f37822d9edb97e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsEb_QVP_wrqp0Ck_dnGZNwj4kG_DmyEp3PpM95eoUQs4c51yJNZvgXyc9cgaElCNrCfplonDfNST7U6vHpy1bt8653hQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9567
last-modified
Tue, 04 Jan 2022 12:52:39 GMT
server
UploadServer
etag
"7e962c78ba1aac98a8d7b843a49ce8f1"
vary
Accept-Encoding
x-goog-hash
crc32c=pXX/rw==, md5=fpYseLoarJio17hDpJzo8Q==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300759237908
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9567
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:51 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e63d10e28a0614d2b01395e&cid=61b84e5ed1591577585f0169&e=playerLoaded&cb=1641692151199
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame D662 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd8d7438348ffab730a6d097b976bff79a6531a88a8f2adb261c6a016737d97b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5C4A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:35:51 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5C4A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:35:51 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5C4A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Jan 2023 01:35:51 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 5C4A 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Wed, 04 Jan 2023 01:35:51 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 5C4A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=WO8U9tZfP2O7ISnVCKwMw2dzzvT59nkW3eQR_cp2ZOe3PmpkLh9l2r2HEPh1BJBEoEEzfn_ZknUClNodVQIIZiZ7INuH1kJBvSPtzlYm6HuFVqucWt_2R4UD0CNgMbtD5qxoDtwO4_dDVfzrmwOmWxsIsuarXi6b7PDSoPO2OG-tGiwfzSQ6pqNhe6k3FJtMA8Ydm2_lS4tC2hdJoAvUGrkST1zOSGnE4eyySJUrDvl_t73ZJpucaY4WHWg0XaYWNJ_c2J_lToMCLiaaG5GYENLtx-vfxuuIgDc03AD6VDqkBpBN-988Fi7qNCQlPa2OQggiVUhZak7pFEeunP8-BMafergcXAafmTA68Fz6JNyKNud_R0Ax29sVI2TO-qEP5r5Qn7agubyx1hDZfgbLISN5frrN5LlhG-aD-qdLo_1xwKIN0KeYBoX41ikjj_7-t-C_WQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:50 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3032472
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5C4A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2081132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XA04RE7xhddlTHht6JpbLueLsBIM%2FFOkYpn4x%2BmRIDAs0mO7RxSEaXiOyrRBZknw%2BYfv%2FhEGrjhovZWAOnHKe8iJ8A4QO5alPyCQ4K66nnjYhNF4I%2FO380NTv9201ws6xaQ923UnGBFuRtgnNQDRS9pT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ca9ee6a49adf3ef-LHR
expires
Fri, 30 Dec 2022 01:35:51 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame EEBD 		366 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1fdc5ef5534a96b551757afdc0246822673bd0edbc30005605a069209623e39f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv6wyAWwelTCOD4-m7KNNgY1D_kcNnCfulpHmO3IYGfciph-0BlImzCoH-4-CeQeZbZdq9MtVK0_ExKu-XF1k0iseAEbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
105426
last-modified
Tue, 04 Jan 2022 12:51:59 GMT
server
UploadServer
etag
"23c0148dda2d3471c153bc49c7939493"
vary
Accept-Encoding
x-goog-hash
crc32c=cZ7ksQ==, md5=I8AUjdotNHHBU7xJx5OUkw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300719414717
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
105426
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:51 GMT
csi
csi.gstatic.com/ Frame 75DA 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ky6l4b5h&c=1212803427979&slotId=606401713989.5&qqid=CLfb2uvDo_UCFYnluwgdGioAFA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 75DA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
286772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 75DA 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 21:18:23 GMT
x-content-type-options
nosniff
age
447448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 03 Jan 2023 21:18:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 75DA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
129363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:39:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75DA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CHLtC9jvaYbeIIYnL7_UPmtSAoAGIwsnTZ7uU3_n4DqGvjMiuJxABIMfHnyNgu76cg9AKoAHQtvqqAcgBBagDAcgDmwSqBN8BT9Ad_INpEk7u0V2WD5ry-nlRbNa5nd0YXdtzUo4_BYQf_inJBOof2FKKDLRyj8DO64Ytn1f9rUU2f4Q3tOd5ixJtSMSwG7YErJFBECvJl5RLjRKF_dXNov8Dkp66qLPMRlOSBk-dGoIiV03hgUcmyp-VgppYzSdu6QuRxjgYF7ed2Dsu0LpgibQRyCZnfjiDfJAsBqg20xdpY1bnVa1M4lVGnH_OzBM_WCltM4q1KUNZDKpb9RJ3MAYpDAlV5pVm-tfcXau5quJ8_n-EodW9-r_aEIkgDXxM2NTw9AQkksAErt7xnNwD4AQDkAYBoAZOgAeYyYXVAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATuZHnDdATANgTA4gUSdgUAdAVAYAXAQ&eventType=clickstring&clientTime=1641692151442&ai=CHLtC9jvaYbeIIYnL7_UPmtSAoAGIwsnTZ7uU3_n4DqGvjMiuJxABIMfHnyNgu76cg9AKoAHQtvqqAcgBBagDAcgDmwSqBN8BT9Ad_INpEk7u0V2WD5ry-nlRbNa5nd0YXdtzUo4_BYQf_inJBOof2FKKDLRyj8DO64Ytn1f9rUU2f4Q3tOd5ixJtSMSwG7YErJFBECvJl5RLjRKF_dXNov8Dkp66qLPMRlOSBk-dGoIiV03hgUcmyp-VgppYzSdu6QuRxjgYF7ed2Dsu0LpgibQRyCZnfjiDfJAsBqg20xdpY1bnVa1M4lVGnH_OzBM_WCltM4q1KUNZDKpb9RJ3MAYpDAlV5pVm-tfcXau5quJ8_n-EodW9-r_aEIkgDXxM2NTw9AQkksAErt7xnNwD4AQDkAYBoAZOgAeYyYXVAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATuZHnDdATANgTA4gUSdgUAdAVAYAXAQ
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 75DA 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DSSaH8kZD_kn2cQ7XBkXsD9OHVnhyJOHNhIzkmDhpqF1gVVFgrxsDmh2vVud1nXYfBSHC1UfR4VTU0KMmudrkW3PW8Cw&dbm_d=AKAmf-Bj_7zZxUa6kyXXWuG14IYmgmr8_GlzqirkDBB5ljzUoFeH62RZ3u2SMCC7OB_srX6nFPnj3FrBmk8Ard_tza8rzqhEit9maVVd00qWWzvwMFa2CeqdJ2SvgGfyhH8UlibLfU4FKUezheBgAxV2ykav1DNOhfP17Djq1I73AhH9zGMTL4FTpfre14H4U8JKL8_dUTAs0FkDp9aeELHKx4WcjL056rJp79zeGqkzWnibMhN8jTrh76sbAIUeVsFSoV7_DvyPdPGMHO0WLgGxqMfW2bAcHLo95HXYqNeevLU-SIsFzfNaPRVYe5SwDn1RhRjXUobW_LS_GOy_y3YQdOaIP5EitQAU_ugNBOG6F4kgZFZOzhuE447MXyBKepYVV5UsmWsHsnFMkQYpEZbRsBG3uGiTeYj8I0AefCtLdc9YPzWqp2n__oR591ylD0VXmiR04cFPWgDdXknzUmeUVUhuXwFulupP7GXjoK1APjSXzMRyiU0WN0qb036hS4QgkWpNNc8PTbVdJzYL2hsBlVX0Hb-C-Mv34B9LVujLotQM8ClC_CNJnwPPaFNRCOCt9LFm-KWMgQ7RB8fIjSyvBgJQp8PUBY_8bLGmjLQBRL6RHKXIqAsmTicQF4lf2XMwVNASepuYFKp8miiE0MjlFlwtbR6E6h1kAtVKcpyiCdhfj76sKKnw8-kS8-P-b3u-KBsduMY3BID-Zi8RCBDKJQo6R9vkFIBIf-PROkCrVVbb-4hmcH_fGh-ekWKWf5p46uN9mSev1kdXDncemA_Extj-KuJ-wwLIJVHHL1Pfa3xVIx7dlM0VoKGdGQHd6c5eMBECQizpjQ2wYe0vnM27Ogg9zAYbnP2HNznM8XXcPvmjrM5xvhgnBzO2OpmsCNhFYL97rxuxZ-97kFo5b_mq95YqBZi21E2kD-ip_lDJXFEVl-OiJY5U1DjtFZolRDwE-BcejRT_-vuiswh-3DlE15dV4C4f-4IyhgzmokImN4n5dwv5npMts-3tUeYdNwgSyiT_B3z7E3eJkzgAc8LhoAyK7lwOHWqnikLMa59Y7urjHDep0m7cKv1gnNvkAa1qbtNyf54KlYrEzu6tJGhH0fXOW5ehQPVrYgL5NK9ypU4yCn7dG30sCtNI4AlQfw70KJhjJgU4IrdQ2wh_7m2wSvo_eGcmZDFdogQ6xN5xtPmfmuMjBQ3XZYhxvy2yD8QvNCJBJiJfXy3hIM2rfg70DxHIsGDcDSf3bHEDVBqyfZsLLnZshV-I60AN29SE92nAa2fO5Jk4lYH_qq_cnN7ZL7mWuxUTsQ8KjFgryHa21YqLqZP-ZD9GLqOSlv8K2cV1OuaxDtTW39R-3_P2WkEiXQsn_aD1QI-0Kl2-DS7cKARoPPAk0jT_eTedoX73iuleNvlpSy8D4P9eC77kNmgL33Jq8c8djOAiuFtEUHrJ8_6f0jzn93JpU-d_fJ--c8DYtAEOuKJhmL4x92l95nSwLQvTDoGGw7P7hux6VTv3F_5ek7wcgt8QcSvyMTAmiDW1d2hwKE6Ylo6b8D5xqJdljEuTmE2UhtlS0QKW6h-ysOIVgyfWl2QYreUOAj4LcFMKxOhgvwh1X_DvU7jlg42SXescZCEEQBvzaexrcTdNgfihW7vkGmMumn1MK-Kq4yKlH0WV3i0Cfsv19j3PCP8cFiv4CaMCekMIzjtzPA1i0zMN0G-x0OOQ-4BKTf5ZwTjuOyUBDW2WvfwKUHONEAgeTuyy_dRXVYGqMFqtgZ4UCY4nVyF8nnNww_iId7HS-HRS77owFOKAaLWfTbINgL5oWuO9316W6AwwuwF3gmh3ZQg7LBODynEncZ9xYIPZe4932Wp-Wz53RgEKT440dmlzQvSer2Q3EE9fzQMU65XXIEgphUDFgcR3GeSRqQKUMR1Ko8miiDAos8L61Tcc3uQugNIS8oFHvCEcza_f4rsOvI2DiAQmotkFd1taIMsIMBl5J7LxJoG6oCY9SVamW9dqAqu4pIRy0eYAc4JdMvsjNE-Jv_uZhM7i3vdZb8HTQ4gM1QUy-7RDYU1rbQLFaXYge5fK1-_fWJItaeyy3LhGwigqwmG84Ik7VmYBBGxXvBmLwfibQfMUKy61rsq1ExLW11fGitynMP-85W5p9DIHO7Nm0n8UEP9dP0Cv9hZMlwHC9kHM2lsHLJFiImfzgmW9fwci4uN6AOIpw2ey5pAyNK-oURcv6REiCD550enoop5HUxdWm33B2etEbOxTfGgKxiEqCaNbmjsk8UY2XLR5C7FUuQQEGxpsINCaQQA9mjQK5a59Qt-HO5j8kTUjoua5rXlmSqDMUvqkZoNp5rzGM6RJaolUnjHHEjmA6uqlp0flDqsvdUnbDG0wreYdBiVqgTTutVZu-4FlSAbFijLvShy5vtUizeyMLsX0k7uVZeL0xCTvl_CU5rKrSdNd-7OKvQhncWOtNiyx_rbt0BepLV4G97JXshrXimuBtqv8TkYO4X4tFyAiA63R4Tp2aiM-tYnNqhWCtQY4MA4m3ime4vSdFw0hcjXrsNtBuq-Rg67_jXr71T6x7Wm3B_tDa8D4LjDLSjqyqBWN6ngeWhps_WUnYRukV77WgMUvm1jhTNHr3ZInQQ40D3i2-KboqvSysLVUcjMJpO8y5uCC7wStSAeWSFxETuPxMJD1MhHU80aamMYW988OB0BB9wEfpXAwTfSQ5WV5zVWraWGQUgAr8v8kMUMw-QpywzWeIDuFOauPjhL7Z3-rh3aTZ0X4yscYq6v5dzYhYZewkALRhkhgYxtsumSvbdFMBB8HUBdeb-uPZzVwMbjusy-8rWIyvFg1AJzufQyqIZhAIOWNbzwd_nqCW7GF9F91v8dUtMzezwOIEC4FMjTCnEreXOPw4QiSkqexq9EXzg7CVme_PqgvLtKGkGFlw6e8AL9ZzDN936IPUXB8EqCfZnx8iUKwL3tbY0pRo6AYwyE3MswtqYRwVay1ibK_MEGjyJ8A2hko8XQbWulvVshro4UIUYWz4EpBrkaMRFmpcSl1GUoDVFJNJFCHAdIicRrByddIdDNMKLIwaAHON-1gz9ww2hdWqtJocYWBmnY4elpwRaTo7XfW8ESGzp1NP_tg9hCBGsHezHJ4eZ9iioGxpHt5liOfXLH5GJtnN_y2OesV4d1QYLhvY18SAIx6LI6XuPoZ1rg0cWLVvAGeYlIYS8o9ReBUFJrU6-gGD8Q08CfW3b47j-Vx4wMyaNHu3U83C174KPYLmXAuQzJl2sRp&cid=CAASPeRoWACH8HlrEaHv_Oel9BuqPsuEHbIvatHQXX7iufHlCZtpcLgEbEekc_mowYtS4J-SDEE_GfuhS5nilDQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f156.1e100.net
Software
cafe /
Resource Hash
362dd4ca63f7b924a45eebb4fb81dcbec959485f92a97e6436e5a19698e048f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13848
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 75DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZYze9jvaYbeIIYnL7_UPmtSAoAGIwsnTZ7uU3_n4DqGvjMiuJxABIMfHnyNgu76cg9AKoAHQtvqqAcgBBagDAaoE3AFP0B38g2kSTu7RXZYPmvL6eVFs1rmd3Rhd23NSjj8FhB_-KckE6h_YUooMtHKPwM7rhi2fV_2tRTZ_hDe053mLEm1IxLAbtgSskUEQK8mXlEuNEoX91c2i_wOSnrqos8xGU5IGT50agiJXTeGBRybKn5WCmljNJ27pC5HGOBgXt53YOy7QumCJtBHIJmd-OIN8kCwGqDbTF2ljVudVrUziVUbEflQ5gK0eu6jcZLjvrVbLMgI1ijTm617azHn6n-Lz_sSYdTnzIsZiaqq5CnIPyAzfITUhZIsCIv0ywASu3vGc3APgBAOIBaj198c5kgUGCAMQBRgBkgUGCBsQAxgBkgULCCIQAxgBSKC0pgGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB5jJhdUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ4copGOzYhL0B0ggJCIjhgHAQARgdgAoDyAsBsBO5kecNyBOQ_-jeA9ATANgTA4gUSdgUAdAVAYAXAbIXHgocCAASFHB1Yi0xNDgxMDE5NzU0MTg0OTU1GM-zEw&sigh=21tr4bqlB1o&uach_m=[UACH]&cid=CAQSPwCNIrLM0aKcd5sSFitPldwQflKl4uZAt8gsN7qTS7CR4RAX3VMCXjskpDTUEvvRrFqkd8qg1Ti13BV6uMrIhQ&vt=10
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
truncated
/ Frame 75DA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
351252424bb8f27e1b4e1a758af27368401ee65f334c81922f2cb7eebf950b39

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame 5C4A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:35:51 GMT
img
pix.eu.criteo.net/img/ Frame 5C4A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=116&m=0&partner=4137&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F4137%2F211019%2F1e07a97022894d049a654b9c4cc6fea7_coupon_300x40.jpg&v=3&w=596&s=EQii1sGuIDsSIdIncmlhfb9g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fca8259d70551600ba57772469fd3b5fa6340f935b1941eeea3a77c4aaa55f7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 15:53:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
121331
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=29526298
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
2186
expires
Thu, 15 Dec 2022 09:38:38 GMT
img
pix.eu.criteo.net/img/ Frame 5C4A 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=4137&q=80&r=0&u=https%3A%2F%2F5fbb4b60e5a371522c26-c46478628be7be7c70f96ec65a31d1c7.ssl.cf3.rackcdn.com%2FImages%2FProductImages%2F0a5c2e57-0093-4a_192222_A.jpg&v=3&w=400&s=PotRk_CDAl2UyySPnNrn-Hzp&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
6462a807dd3e11bf62c983e71fd2b43b51881825a60180ec80266bd5ddb3b4ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 16:20:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
119747
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=790221
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
6498
expires
Sun, 16 Jan 2022 19:50:25 GMT
img
pix.eu.criteo.net/img/ Frame 5C4A 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=4137&q=80&r=0&u=https%3A%2F%2F5fbb4b60e5a371522c26-c46478628be7be7c70f96ec65a31d1c7.ssl.cf3.rackcdn.com%2FImages%2FProductImages%2Ffa015593-d89d-46_213788_A.jpg&v=3&w=400&s=Fi2uaml3IJJ7q7ctu74-J7xQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
37458c2992906d104f88bcc474e76d63344401de0748ba0e7dca1e6946a9cb2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:34:51 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
59
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=71399
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
16590
expires
Sat, 08 Jan 2022 12:54:51 GMT
img
pix.eu.criteo.net/img/ Frame 5C4A 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=4137&q=80&r=0&u=https%3A%2F%2F5fbb4b60e5a371522c26-c46478628be7be7c70f96ec65a31d1c7.ssl.cf3.rackcdn.com%2FImages%2FProductImages%2Ff27f0d08-d28e-46_146722R_C.jpg&v=3&w=400&s=fr3AwQWWoSoKuRcGjnMiAqp-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9e7d5733ae9b2da0e411aa9711cb74fe7ea4791275e00fe1a75eea70c47b82b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 02:40:25 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
82526
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=2575519
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
11480
expires
Sun, 06 Feb 2022 22:05:45 GMT
img
pix.eu.criteo.net/img/ Frame 5C4A 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=4137&q=80&r=0&u=https%3A%2F%2F5fbb4b60e5a371522c26-c46478628be7be7c70f96ec65a31d1c7.ssl.cf3.rackcdn.com%2FImages%2FProductImages%2F44a06875-3c38-4a_137036_30.jpg&v=3&w=400&s=Ao518L23r9uISa4i4NGZO5DF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a848badec3e5321bd9458ac63ab62d424d76742f532e338afef91d5f0297a4b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 15:56:29 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
121160
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=815766
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
10552
expires
Mon, 17 Jan 2022 02:32:37 GMT
all
csm.eu.criteo.net/ Frame 5C4A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SXpES0Cnp0MyBTA3fU2MrPfiZCXb8MXQKkbyTqmUndDnelXMKqSZRD64IYxhuH2zS6aIzm3V9IIFOpRazW9hGuaHeLjYQ7xQtMQRO6IaBtnSoBwIxBxSt97ZYrzCvk5NNOb8SzqWHGnjjcJZC2zqrcrfRnYbDTyWU3sGZSWjXLRQao7nxsHYYz0tmbZi985qHyZBzKsXJ0KKygYeKqwsZvRln7qcJy5wkJIFiQ23bTyZ7UGNHM61RLK1OBcV0OALKlAIwg&sds=2&rev=79985.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5C4A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:35:51 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5C4A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Jan 2023 01:35:51 GMT
css
fonts.googleapis.com/ Frame 5C4A 		1003 B
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83b2db06e4e840f5c818b986001e24ed7added38a25e036e6e12607025d14f0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 Jan 2022 01:28:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 09 Jan 2022 01:35:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jan 2022 01:35:51 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.1.2.95&apppkg=&fv=3&proto=https&pid=5e63d10e28a0614d2b01395e&cid=61b84e5ed1591577585f0169&stagid=&stplid=&e=inventory&vi=100&cb=1641692151600
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
bd.urekamedia.com/publishers/code/vnexpress.net/ 		1 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1001455
cf-polished
origSize=1072
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 12 Aug 2020 08:34:21 GMT
server
cloudflare
etag
W/"5f33a98d-430"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAzx0QqqcKaVdYlxr%2BnuJaJ7crmLUnE1ZPDM%2FrBoY6DxB4YuFezMLB2HHEHgta4HNt30GyxWodTY4TrRiRp81NF5CN%2BYzmEZXLIh50rOBnm2TZFJpHdopHtFXgOFIpr4jW%2F4Te7roSrjsFNRssjzog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6ca9ee6bedbd7413-LHR
expires
Thu, 27 Jan 2022 11:24:56 GMT
/
go1.aniview.com/api/adserver/tag/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&AV_CHANNELID=61b84e5ed1591577585f0169&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&d36=6.1.2.95&responsive=1&sver=1&avtoken=151599&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1641692151635
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.20.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-20-60.compute-1.amazonaws.com
Software
/
Resource Hash
a983bd0c3fd8abb928ec9381f5737963732572d4b2df0e04beed7285d0c45b10

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 28 Dec 2021 11:49:12 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 5C4A 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 14:28:31 GMT
x-content-type-options
nosniff
age
40040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 08 Jan 2023 14:28:31 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 1AB5 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e4721b32776ef17b081967b6bd9ddd94ffe55255bffb09c72bc7d6fb995d651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27999
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385871714204"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:51 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F5DA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by
Host: 163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
URL: https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f7958ab4918a785ca6e0166881769fa4758850b2d753e91b11e941791b3afed0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|39|230|81|190|156|195
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1750
Expires
Sun, 09 Jan 2022 01:35:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:51 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 09 Jan 2022 01:35:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:51 GMT
Connection
keep-alive
truncated
/ Frame 1AB5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
899cd623ab4c8906b087aa56a6c1a6ff0621d96fa60f060c413be862281d93cb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 75DA 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 17:53:14 GMT
x-content-type-options
nosniff
age
459757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5524
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 03 Jan 2023 17:53:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 40E0 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bd.urekamedia.com
URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
d55fbdab3fe95121adf9d97bc21664eed34c7e18630466c2fe980134fcaa6aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27015
x-xss-protection
0
server
sffe
etag
"1096 / 804 of 1000 / last-modified: 1641462274"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Jan 2022 01:35:51 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 75DA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Jan 2023 18:05:46 GMT
file.mp4
r4---sn-h0jeln7l.c.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 75DA
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r4---sn-h0jeln7l.c.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-h0jeln7l.c.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5400802EE05ACD450A0D26A4340844691C80C015.31024D2B2CC8960EA7A6C2601568F848633531A8/key/cms1/cms_redirect/yes/mh/Gk/mip/2a01:4a0:2c::5/mm/42/mn/sn-h0jeln7l/ms/onc/mt/1641691657/mv/u/mvi/4/pl/46/file/file.mp4
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Server
2a00:1450:4016:1::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:52 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4316373
Last-Modified
Mon, 15 Nov 2021 14:20:55 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 09 Jan 2022 01:35:52 GMT

Redirect headers

date
Sun, 09 Jan 2022 01:35:51 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
646
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r4---sn-h0jeln7l.c.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5400802EE05ACD450A0D26A4340844691C80C015.31024D2B2CC8960EA7A6C2601568F848633531A8/key/cms1/cms_redirect/yes/mh/Gk/mip/2a01:4a0:2c::5/mm/42/mn/sn-h0jeln7l/ms/onc/mt/1641691657/mv/u/mvi/4/pl/46/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 75DA 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ky6l4b6c&c=1212803427979&slotId=606401713989.5&qqid=CLfb2uvDo_UCFYnluwgdGioAFA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=944&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.10n
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B3A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuZ2aUoF0aAxGFBVD_KNLowTXkUEWkxWbBbJmdtyJfhcTzXahykM1WZXFeH2C_HYkfeGn6b6iXVUyDY081Li3_cZvIXSHEuH29TESTX4_pWpUroLsXle12bTs1dqwuKTajq1rereIM8iVpl55wuPhH5c2dzidcCACxq5o71ZOeG4r0quiI9yIUzOX6jvIJTFph8VMcza6sY4e13SwGbYth_y29Z6_Cjlw__k9E9ZyMX7v9s38B3IU-xZSgGg7-tfjHMkqdM6yQKJtrh9YG_rN-x7q8kGNvLocO8EqLJFzh2DtD-S6Z8OfuYuOANJ_BbFvDiqT_qGrE-ornO91A4aC55v8jFA&sai=AMfl-YR9kuzzqD1a9G4s3gOtnhqH-fEl4Z_JKbH74ZBfUKSbKO2UMx6N9IiD0CZXdVJ6z4Afa4OZAE1UVx4oP_rkCv2OARpeaerfKSgUrZAa01arX-BlV663oZmApJzNufHT&sig=Cg0ArKJSzF2dLUVe0ZKbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 09 Jan 2022 01:35:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B3A2 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cbcd1cd725c844cb4a385a19ae33c45aa99af24013039ca0e86503056eb23e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8652
x-xss-protection
0
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 40E0 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Jan 2022 01:35:51 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame F3E0 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Sat, 08 Jan 2022 18:06:33 GMT
expires
Sun, 08 Jan 2023 18:06:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
26958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
13186406604848041934
tpc.googlesyndication.com/simgad/ Frame C640 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13186406604848041934?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qniNmp-2U8jZD2MGNQNsiN8CDNjWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7b991a8f301f69e048536edd37635eb8ce3dd3f83fb898de7df764a89f508a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 09:56:49 GMT
x-content-type-options
nosniff
age
229142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44738
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 15:46:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Jan 2023 09:56:49 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C640 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CD2B79jvaYe2WJYnBmLAP-vmosAz-t8eWZ_H6xI-iD5Cux-G-MxABILflhCFglQKgAbnzhfADyAECqQKDayIY0A-zPqgDAcgDyQSqBMcBT9Akq1gZF2flgaZevm40OQVMiB37li2RjhQGpGG-O-f2sBYqKShfe4czzkGIUxyVX4vW9YrUFAQumxBywHdu9iqJ3KRLSstFEzjwWrgE5FwKIHWfYOEG6Mj0XA6lOXzgYLNDrDpPmwtUmgYjlGH5V2RFrNQ54rno15XmPP6P_51t343-iMjVAg2Mz5vPX82VSW_uwZ_ZUhLQdzJ_9rh_rn2kh2a7q6wQXlI8BXgzAc5HhEUJR5CQtsWSvUGKz8Dc4ZYQ5siw-MAE3LvZm-sDkgUECAQYAZIFBAgFGASgBgKAB5f5n0aoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAdIIBwiAYRABGADyCA1iaWRkZXItNTcwNjYwgAoEyAsB2BMN0BUBgBcBshcICgYIABIAGAA&sigh=nfrHwAmwGx4&uach_m=[UACH]&pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 09 Jan 2022 01:35:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 40E0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 40E0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 40E0 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=495189319852117&correlator=2922949443441503&output=ldjh&impl=fif&eid=31063377%2C31063942&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220109&iu_parts=2627062%2Can.passback_ov.vnexpress.net_SliderPC_240420&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&cdm=vnexpress.net&bc=31&abxe=1&lmt=1641692151&dt=1641692151909&dlt=1641692151706&idt=197&ea=0&frm=23&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=984466752&ucis=k3pmfw4pg4nk&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=1499767020.1641692148&ga_sid=1641692152&ga_hid=53592700&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
fced8fc26b36b1d49051abc3c84c24cee40ddf32978e9777e6bc90f29803872c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8388
x-xss-protection
0
google-lineitem-id
5416437550
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138316342509
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 40E0 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
336f06ff19606c731a1d88adb3a68c1dae89ba483e6d3c7bd51404a0f1aed52f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8604
x-xss-protection
0
container.html
24f368ee55be02fd0a6e9b86a36b4619.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 40BD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://24f368ee55be02fd0a6e9b86a36b4619.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 09 Jan 2022 01:35:51 GMT
expires
Mon, 09 Jan 2023 01:35:51 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B3A2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:51 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame C640 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9529
x-xss-protection
0
server
cafe
etag
16937460792814555877
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 00:52:52 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C640 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
272f3d0f2cce62e707f9c0686695e2adbac257d88fff6eecf1bf96f43048f935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:22:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1201
x-xss-protection
0
server
cafe
etag
2856655861756061653
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 00:22:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C640 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:52 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C640 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dbe05d27c8fb73029fdc1159739af3abda61b58bc6af35e080cc69fb6a94917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7353
x-xss-protection
0
server
cafe
etag
13595072073811023517
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 01:12:23 GMT
l
www.google.com/ads/measurement/ Frame C640 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSY1tnIwgexErJGagr0B4DH-X6VJcelaNZ92JRW8r0xjqEUym-BQ1JU9wGf5FAmnadk_Ez-NgYTCcIOSRGQRJw5uzVHkQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame C640 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5a1b91c192e5ed238507efddf3221800532b0ed1cca24b7fcd0e05cb458563a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 09:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14085
x-xss-protection
0
server
cafe
etag
3923012237517151956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 22 Jan 2022 09:15:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 40E0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:52 GMT
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame F3E0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 18:05:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CF01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUAqbLXveNaVnKI5Ac2daKkNnVY3DTC0iRKBPrwM4fkIFB2qBavP88Cgx3me6EmHPLP3fhX0GFeLKqIlF9VDzu44Md_f8jj1ohz9HxmgiNLiwiNC_nBAJIBAlzmr9W19OqcZN9H2Nwz9hQsW5VtTATncfxoIOXIpN4HBMyOXxjrfT7A2Ie79MHHRA40gNzZRj4CnmTnK0kd0zA6xeXguKc6NV_yI9rpReJXimi0s92JDSvwCaBjYcWnAN6wqS5zte0vrnBm-drgy_ATw0YSdBCi9cVgS3KnNacmei5m5E6gX8lR4RWHXoQXDAck7z3fnq7jHRNwB2I9c7m-ZixZBnXnrF_wSY&sig=Cg0ArKJSzHNpulr4SWy7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ani-uk-slider-vnexpress.net-avantis.js
solution.urekamedia.com/vnexpress.net/avantis/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solution.urekamedia.com/vnexpress.net/avantis/ani-uk-slider-vnexpress.net-avantis.js
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:6036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adee1eb7f9c1d8f269073423a59b4164fa0cb078a41206ba6a8b7dd6c3e4083

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6472
cf-polished
origSize=9785
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 26 Nov 2021 07:46:35 GMT
server
cloudflare
etag
W/"2639-5d1ac4a51acc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXvKQpMlzqf%2F1THGPjQVFj7qUa5U5%2B%2BzQ%2BnVxI%2B4pnXJxNHQtbVJa0N0xzkMyBL3joF%2BmB2tYR92NTObE%2FrnUjp%2FqImWYpkejs95NFkEW3XYuimKpuD3ZfLcMwWqB07gyJaSBRxVPxaPQJBWhenDACZghu9lRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6ca9ee6e9ac772bb-LHR
cf-bgj
minify
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CF01 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:35:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BCDA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sat, 08 Jan 2022 23:05:15 GMT
expires
Sun, 08 Jan 2023 23:05:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9037
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame AC81 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2db1b8ffef6478aa074dd1b800f8ea28a0f0f844c40bea8813dcd093730baf6c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OeqF5bX7CRryRAcN81YNyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 09 Jan 2022 01:35:52 GMT
date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-OeqF5bX7CRryRAcN81YNyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dcm
s.amazon-adsystem.com/ Frame F5DA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ydo797Dx1_GXImrEnafbeQAAB0cAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ydo797Dx1_GXImrEnafbeQAAB0cAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ydo797Dx1_GXImrEnafbeQAAB0cAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NKMPC98D6C18Y1PN634N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MEHRNEG6MSEBTVG6A1GZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ydo797Dx1_GXImrEnafbeQAAB0cAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F5DA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ydo797Dx1-GXImrEnafbeQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOW21OBXT3ODeBV1k2MQzkU&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOW21OBXT3ODeBV1k2MQzkU&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 09 Jan 2022 01:35:52 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOW21OBXT3ODeBV1k2MQzkU&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F5DA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F5DA 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ydo797Dx1_GXImrEnafbeQAAB0cAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F5DA
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=GWFJahwySzMCYkgzTGIAORZhTDoCMRg_F2OIsiUr
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=GWFJahwySzMCYkgzTGIAORZhTDoCMRg_F2OIsiUr
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 09 Jan 2022 01:35:52 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=GWFJahwySzMCYkgzTGIAORZhTDoCMRg_F2OIsiUr
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
ib.adnxs.com/ Frame F5DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
cookiesync
bttrack.com/pixel/ Frame F5DA 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:52 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame F5DA
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e9561d67-7ec5-46d5-9885-b70ca8d64246
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e9561d67-7ec5-46d5-9885-b70ca8d64246
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 09 Jan 2022 01:35:52 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-e9561d67-7ec5-46d5-9885-b70ca8d64246
date
Sun, 09 Jan 2022 01:35:52 GMT
server
Apache-Coyote/1.1
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F5DA 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ydo797Dx1_GXImrEnafbeQAAB0cAAAAB?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=192938&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:52 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2217
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 09 Jan 2022 02:12:49 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9227 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 09 Jan 2022 01:34:50 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
62
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
avpb3.js
player.aniview.com/script/6.1/ Frame EEBD 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0c8de3a334754a312eae4a2e9c981f57d71052818d1e1ae26424df244a1d1a1d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvep-E9usLsKth49Ca9VTy8Uj5Mpx9zWT32Psb9kQ7EKJ5ekHKomuelHchyurcE-DKXv4sxjY8AkPD7CvkOSwim6ceY5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Tue, 04 Jan 2022 12:50:36 GMT
server
UploadServer
etag
"3ee5f7000f64e3442d18317708c163a1"
vary
Accept-Encoding
x-goog-hash
crc32c=kuHJCg==, md5=PuX3AA9k40QtGDF3CMFjoQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300636602977
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:52 GMT
avpb3a0.js
player.aniview.com/script/6.1/ Frame EEBD 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9a6a403a35e94f2a7689050dbfed4e75fecf7a2941da8dd9cacf74f24264252a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduKPayuAOLbn95BztPUFbhzIEV5N8umOnsKuh_jMlaCfrgVMtXpnf4h1q7FtGO4inSM2Ujv3Yys0l7MdSHgv-N1Tz6n9Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
20983
last-modified
Tue, 04 Jan 2022 12:50:51 GMT
server
UploadServer
etag
"bd2f4af6d1b5cc8a960ea707d7e649ff"
vary
Accept-Encoding
x-goog-hash
crc32c=GNRGPA==, md5=vS9K9tG1zIqWDqcH1+ZJ/w==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300651111954
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20983
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:52 GMT
avpb3a2.js
player.aniview.com/script/6.1/ Frame EEBD 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8026dd5fe3b88ee31310e5eb914953539a250d6d7b4333426cf0c9b68230d1fb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtI8PQuMtW1EayRCmsRu3_Z2yc0GMj16V9PS8dFQIA--cfyaOqYE9ZxDXPJTcwm-sRc3wGs8pHTa3pQoBixL5BPlv4uNg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
21183
last-modified
Tue, 04 Jan 2022 12:51:25 GMT
server
UploadServer
etag
"29b7433300ce9349cf07501bd9eb8df5"
vary
Accept-Encoding
x-goog-hash
crc32c=zsE6zg==, md5=KbdDMwDOk0nPB1Ab2euN9Q==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300685538792
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
21183
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:52 GMT
avpb3a1.js
player.aniview.com/script/6.1/ Frame EEBD 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9695a8916319f74956c93bfaa8ec9b47bb92c65db44cd2058c6ef412e81bebe5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvsbTQcskGKWbHbAJOA9Wqks1UlhTsRSWJuDlFLOkIBkm3O5-JkWjdzWQ9EsW2cjX5y3tlN9lR7_eXNzWsOQx3Z5R6I8A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
19997
last-modified
Tue, 04 Jan 2022 12:51:05 GMT
server
UploadServer
etag
"251fb2abe5f141b27df433467b6a8021"
vary
Accept-Encoding
x-goog-hash
crc32c=nhbBzw==, md5=JR+yq+XxQbJ99DNGe2qAIQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300665552375
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19997
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:52 GMT
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692152086
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dda679b7fe3fbed551af0d855998345904103614ce2f2d092ecc9651307d5b0a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:52 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692152224008-380
Expires
Sun, 09 Jan 2022 01:35:52 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692152087
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
2ef09436a70ad1da1505303ad491cbf28a5edf68629fe84d782b269af413b64c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1322
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692152088&asid=5fb766e909e8a7781132bf27%2C5fed564af85e674fd7743e89%2C5f8fa1ee713056439365ef64%2C61bb0d65cc98767fac45f024%2C5f0d606459839f7d1d016397%2C605424ee9b78ee5fe94060a9&ofpr=3%2C3%2C%2C3%2C%2C1&fpo=%2C%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame C640 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6482df5f749cc35409387540414aee5648252400f60321df11b211be3a1dfdd8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF9F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sat, 08 Jan 2022 23:05:15 GMT
expires
Sun, 08 Jan 2023 23:05:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9037
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9435 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7b0b0433364b5f72cea206aad660a4e5014e32d9a76b02de94a5eca9f1f7077e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IaUuOxm03rL2Vc2judWDgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 09 Jan 2022 01:35:52 GMT
date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-IaUuOxm03rL2Vc2judWDgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame CF01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrLJMbYK6_yEZhCI58h_xWaMXjnTpHeDU6fSVnVbMcMU_gX7Mgw22_k0RdxTc9aBYIP3uFCU0fJ7JA__qZz8fAdHVC43RjrLvc_TC7Y3c09o6YUS_fN-SiMGtJ3TFD6Zsg2Z8TKNGNEpjPC7_gPOnCFBRW2Oj0VX3HLemyM9uanJBIYD79IUTCMFB9vdDdE7_l6iTh8gWmeJHkEsns0w_woRwhdqcIGRWj7Co90F6W5OLfqhxXcAiWFCImXWr5PTufUwYDEi-YnAu7ke1uWBDePPNXE3YTqBZfzUihcfesiJRBrE2isOm8qZiTTzjmv2BuDxPnH1LjAVeeRDgX9xZ0PuOejZnpMA&sig=Cg0ArKJSzHt2XFJL7o04EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 09 Jan 2022 01:35:52 GMT
player.js
player.aniview.com/script/6.1/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: solution.urekamedia.com
URL: https://solution.urekamedia.com/vnexpress.net/avantis/ani-uk-slider-vnexpress.net-avantis.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
374b50037edd1f5a47a17d77ee3eac2797e508a3e7e1dc4ee0f37822d9edb97e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsEb_QVP_wrqp0Ck_dnGZNwj4kG_DmyEp3PpM95eoUQs4c51yJNZvgXyc9cgaElCNrCfplonDfNST7U6vHpy1bt8653hQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9567
last-modified
Tue, 04 Jan 2022 12:52:39 GMT
server
UploadServer
etag
"7e962c78ba1aac98a8d7b843a49ce8f1"
vary
Accept-Encoding
x-goog-hash
crc32c=pXX/rw==, md5=fpYseLoarJio17hDpJzo8Q==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300759237908
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9567
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:52 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&e=playerLoaded&cb=1641692152166
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame AC81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=96276518886897&rc=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame BCDA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 18:05:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D662 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfDTZxtEt6c5WTFJ6FH-djzRxp3-ZEwXx-JF5uNidcPBjc4OE7xykiqh4d5-DUwX9VUK5Y78g7Ro10IsB-dX5yhQ&sig=Cg0ArKJSzLywqgnlN5zTEAE&id=lidar2&mcvt=1018&p=412,1050,912,1350&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1680299014&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641692150883&rpt=311&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r4---sn-h0jeln7l.c.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 75DA 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-h0jeln7l.c.2mdn.net/videoplayback/id/5ecdaaa7568ff6c8/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3781434056/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5400802EE05ACD450A0D26A4340844691C80C015.31024D2B2CC8960EA7A6C2601568F848633531A8/key/cms1/cms_redirect/yes/mh/Gk/mip/2a01:4a0:2c::5/mm/42/mn/sn-h0jeln7l/ms/onc/mt/1641691657/mv/u/mvi/4/pl/46/file/file.mp4
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:1::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2388ba32cb405e19a6e6f04a6642db3b5339efcce8dab464a8fe5c0ba951d2bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4316372/4316373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4316373
expires
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Mon, 15 Nov 2021 14:20:55 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame 75DA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ky6l4be9&c=1212803427979&slotId=606401713989.5&qqid=CLfb2uvDo_UCFYnluwgdGioAFA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=944&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F5ecdaaa7568ff6c8%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3781434056%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F80F5C0AB2DB821346E9BBE964F0CBF1B50DF2D69.1160871CF2F04B3E9583BC9351DA81C929C00794%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:35:52 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
c
prebid.a-mo.net/a/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
124
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hb
ssc.33across.com/api/v1/ 		65 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
bf0ea5dd058376e251516ad20850f31ce6b7dbf97d1eecfac964fb485ef2278f

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
AVmanager.js
player.aniview.com/script/6.1/ Frame B8E1 		366 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1fdc5ef5534a96b551757afdc0246822673bd0edbc30005605a069209623e39f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv6wyAWwelTCOD4-m7KNNgY1D_kcNnCfulpHmO3IYGfciph-0BlImzCoH-4-CeQeZbZdq9MtVK0_ExKu-XF1k0iseAEbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
105426
last-modified
Tue, 04 Jan 2022 12:51:59 GMT
server
UploadServer
etag
"23c0148dda2d3471c153bc49c7939493"
vary
Accept-Encoding
x-goog-hash
crc32c=cZ7ksQ==, md5=I8AUjdotNHHBU7xJx5OUkw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300719414717
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
105426
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9435 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=495189319852117&rc=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame CF9F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 18:05:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F3E0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B4UtV9zvaYeaPJ9iKbZHutYgPAAAAADgB4AQC&bg=!_f6l_rrNAAbDtiZlw7Y7ACkAdvg8Wr_pfCYCQQ1irlryzfqzzkxWuZfCpB0ZotEkrPQciBuA1m2AFQIAAAC8UgAAABJoAQeZAuFpgrLeJhYMFPjQdwsARTliuwDaVm6hP1qTDRf5hXS9DVLu0SqKVuCrTW-rqaORLAfeQA5ay65dvVQ0Vr4nE9l4QWkTTIgJXZjVwM8pXDQDX0jaxDILX8CMpzOV-gHpqM-sheXT2VmNgRteH0CqAhlvLJ33_1dK1CkC9890UwA8EPZL_dSrIneg4Q-xeq3y-Fg9dvRwSRiUNEQV_qSEI4VSGuaqE4gRBUYHCLjfcZJj9JbDqvAJbhSZtJvJMpE6Kgnffq8btavEAAfZFOUkXlTKRd_SfBo4-jPoyjRazm-2Ghp0BUM4ytrDnaGM70rs32qgouaKzRaeha-YFLg9W9tzeBi9IdjRhm0B_h33Z4MKZ_YPc-Dx-9hgL9eiBMN1XbfAQh5m7uyBeVDFK3AopYqqjX1OGvotUuNuCUNnYlE1ec2jBFTzrBbc1ULnfIQD1yulUOdsHtvuxd9Ra3rbFfdLjVqHDr9tdGMFOpt4pWbpaSEG1BzGhG9wPROUcrsn_LJRozdhVXmXGY0P0UTzuDDbA_zwyFGNGyLRP3VXffsA696T9jJaN3IuHhO276NngP32dy7h47SnPpSm1kLjEM3O8rGIAyXWuSUpW89zVwS7JhpqpETLSXzbNjJfNdhTAnpGeUqTpMaY-ibKAx2rLUn4KO3ztUUYNdqGbZkIZWycgLZuQAxHk0inCy9aK4qBwfHTUSW4tysZW1Y_xg5NS0et4BUr528HvOJY0K7sZWUkd-39W6MeysfFtC84OCjqasvuKOwt7p6XKFF6InUuJ9GhPoZFKmSSYyvBnU5s4VDzShKqddWJn4dFgRSaIdc24_hZhDxTmLyY6XGtwMDOYyfTamXg4EUKvwBdB5-0ifm3Q1PBG9j6vqut9DtjenSh9yratZJjjMRBx81eyNDe8lugsJ0Lr5H8HMGcux9t6Wsd_uWaB0eiJ834XlZI731Xl37dOKQ68zohlqt6fNnd4OMjxg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.1.2.95&apppkg=&fv=3&proto=https&pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&stagid=&stplid=&e=inventory&vi=100&cb=1641692152346
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&AV_CHANNELID=5d81ed7928a06164620898f0&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&d36=6.1.2.95&responsive=1&sver=1&avtoken=152345&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1641692152369&AV_C_USER_ID=1641692152008-988194208614-007202-009-006442
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.20.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-20-60.compute-1.amazonaws.com
Software
/
Resource Hash
f24bc9a7913cba8b040d66bcb781f82dcf4441ebbfde2a02ff2dd2e4694dc76d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 28 Dec 2021 11:49:12 GMT
ureka_logo_white_89x65.png
bd.urekamedia.com/static/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bd.urekamedia.com/static/logo/ureka_logo_white_89x65.png
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:6036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d569b3809a5bb3ea042e90e5e15403ee2208fcf17063f83009610ede46f6396e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1001369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1744
last-modified
Fri, 26 Nov 2021 08:07:42 GMT
server
cloudflare
etag
"61a095ce-6d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05WQ3RY%2BZgJ%2Ft6jcdH2Id%2FZVbFY4ta6tOJXQQYU4ndsbUpCnbbqIoDrJAgzfHnbMboiF0i%2BKdNGciwi8kaYImmy9T8rxzID0qLqMdnZCGV%2FdVFauPg8t%2FWynwF8fI6GfToZxInbo%2FArr08Vwp5Uw9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6ca9ee707c6072bb-LHR
expires
Thu, 27 Jan 2022 11:26:22 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9227
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 09 Jan 2022 01:35:52 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 09 Jan 2022 01:35:52 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3A2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=96276518886897&bg=!VFelVxPNAAbDtiZlw7Y7ACkAdvg8WjKSXsOeHICjSlM16s4AfWz6kcl44mv85Xsy1pcZfBVBXA2XkgIAAACWUgAAAAxoAQcKABVnWpeRB3_R0kfzEtX1YVB3zh0njE6ZApEko5WB8cjs4tj0EbrVnN_-swwDvxcGiv1AqEeOmS139vQowNH6gYPaHlPw8HN40ymhGwbWjp6Q4muTTbFm0gnU5UqwmA-6jyvxz-neRgvVi9ttHNLCHkh6knBVohWuBvVYxRZJ7AFXuCaV3e37HMZJ_VDuIVEfRNrRAk3uJMC319svW5myfDxi-X6RtREnd_1uPjXMBevhhS3o3MqU9SbzhRmLI4LAEQ05p4oZ79QxLVdgYObZEdK552zykNF435zcuNYAjOGAfXidpIRaQsX5KDOx5wv3EjDBSW2er7k_XxxHkzbguNgtcNZS2ygYs00OOzjuD8yJwIGSie2PwnQEMz0RB1A7Zix12RV9pQTDst8gPC6fZJn64-5yHfK53PC4k5PyVkZSsOzBid9o-lbGtBDbCscIwgzDSXOF0oHftJJ0UeT4J6QfAhnO-Q_fB9zJEwZKhfZJ4Wv1b-EbPlBC44PsJsGDGCRpMTRKo5FVPhmSRKq99Rz3vpZNkgE64ROYJjL2DkuJOXYFeL_3p8Z2JyVFTXVmDM906LN9OyUfGoj41osn1ljli3AmRCd6qcGoIeT1UrnwopvN95ma85Fa2LuFji-cOTBME5tggUOetf9phaQyTH6bTrHE_0d7PU9EGcpZdrUmY2JVBRo_xyeOzj1M-OiHfIITuZ3b7xJgaP1Ls9JDsIB6Qa2OWvce2sXl9SgOZFgDB236nduHYftSvrV_Brgte759K_yeH0B36C3cz3oU-ApJYdsfoKJWcBwuWc1oMdk1JD2E1MzW-YtahILbIAZLqq-tAzUpqzDudUl8cjBqN9H5nigD-K_exVssm1ZHVlViWEZU_caALELFtiC3Q4CrswvRRHPOo61FjFg
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame CF9F 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?sCNojQ
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame 75DA 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30293%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1641692152466;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 75DA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHLtC9jvaYbeIIYnL7_UPmtSAoAGIwsnTZ7uU3_n4DqGvjMiuJxABIMfHnyNgu76cg9AKoAHQtvqqAcgBBagDAcgDmwSqBN8BT9Ad_INpEk7u0V2WD5ry-nlRbNa5nd0YXdtzUo4_BYQf_inJBOof2FKKDLRyj8DO64Ytn1f9rUU2f4Q3tOd5ixJtSMSwG7YErJFBECvJl5RLjRKF_dXNov8Dkp66qLPMRlOSBk-dGoIiV03hgUcmyp-VgppYzSdu6QuRxjgYF7ed2Dsu0LpgibQRyCZnfjiDfJAsBqg20xdpY1bnVa1M4lVGnH_OzBM_WCltM4q1KUNZDKpb9RJ3MAYpDAlV5pVm-tfcXau5quJ8_n-EodW9-r_aEIkgDXxM2NTw9AQkksAErt7xnNwD4AQDkAYBoAZOgAeYyYXVAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATuZHnDdATANgTA4gUSdgUAdAVAYAXAQ&sigh=XA8VBGFDUBU&label=part2viewed&ad_mt=4&acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30293%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1641692152466
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 75DA 		0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoktcH63Zox5leflwoGrFLqo5GBvCw68l_qaZ2X3hOw1ebtW2g5ukKpbhsjRcubEE8rIUv7LlkqJyLIX3RUvDTruP7La1uZAxO9H9JWXHRsC8_B4g3EaB6NdNQH4j4tHH_LUCpji5BlVdxRHTAtl-_67BoS0hnp3qzfsnoYhtTWyNsBDp_6uEXc3HVXSZFzO7UyP3DjtBAP-xhIocqzrJ9EtHJO2q2hj5B38Zdc55nx81-gFM3_C_WVcb0vkjY1-yvmKCWHaXZZpMm9gpdNwAhrVbOa7gc8TjFRsTfJQdeZHTHBNAWRos8UBrwMerouowQRQABIi3TBJoGjVeQVUfJSnr3c3hWOKJ-ZFW2uhBLd7vNV2r-tP8_1eUBvAKtF-M3AnOyuHbNA0xeaDg2otbisV9q4RGPUWPXK2qVFsqnP1bY4TJPptPCHXK4opLfln8F9Il9SBmCy0OJAuTLNL-QAJcLJM0SpsQyrDlHWtcSjRDAfBoiGZctxb3_dYGH1PkA0xSw8ktGX_0g29uY0Sk2SAaIk0W_9nk5o4JQmojRx-GEJ_K6CBDg11RZpt8sm-uC5o_9qDK34FhWKETVoI8_MjHIS-vSpPGftxAbjf7LbgstbacsIfJEpFYCU-Er_EWCSHeKZc3GchExsKc5tb7VPzeYM8kj3088FRwZ0NgcqrCehbJo9PQcTad9XCnHzAYA2fxHf0PbndrrC4v36uqFwP-xReIK6LufABEJxjc_vroAymENEL2ajIhXYh0D14A1m3yWpxQMprtZI8hBASinGlAu3FXZ3rJWRjrBAYWVp4lelIbqg-ynwJ28oMBoJHp6fx8_-qqLDRGaZYbj-nLoaCWzzfXzb_Vph3IPBDcNs29_5lviJ1-jAoFYCOsYrEOIyDv9539Ts_eqMe2RcvbrNEJNhqdZz_mngrTBeLo-tDyRFhM0AzNV-J3nrbR4vp0lXdVCEfr543TMwwoB2lz3eGQtH075fA6hxjL77Kjuu75moJWo0ucG5HHqVJ8VUmRVGlTmi5IxRY8tTlZogrTn-cbpdut_2oRz-e50TRA9KGNNPZG6-pUnZ_NFfDkirtK_GMqZqMitNWN0_ezq8aDU9KcjTEsEMq0t_A&sai=AMfl-YSMTKBH_IiEUVu2zw0eKudvxdpuBFjwt3k5IVTwob-1oRTwgsb9p7i-iaOYu2QiQPFWjAqHolkBUYk5lorUoTeTSqcVLDNIGAkGdA5nbvMn5jq_J5mcf5_No2uLK3xJ7W7b3cDOD6XXjq8RYOI3qqNb-LsSE_7rGdTlYdmEEtsnlyprl-kYvl7NStvHEdYv2bRgj5ThZzIzfZ-TXmDYyui_v-nKpqV-ZTU0w5zoGw&sig=Cg0ArKJSzFGVu7d0xXUwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 09 Jan 2022 01:35:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 75DA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGOzYhL0BIAEwAQ&v=APEucNUDzzi5-6FfoSA-yGITbBYdqZCKaeFVtXdduMzhalTgfkvt4GwCgHOmf_4H_1sI5K3oPLzL-p8LfjZlMCswzJ-rgZ2z9w
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75DA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 75DA 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30293%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1641692152466;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 75DA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCe2LfzjL2JCf2Bbgq_-7wHKm010IA8tJTE937YW4I5HBEoMW1APFk_hutRWomBMZZZvazHtChEWB466Xzid1AHkf2zikCzgW5Z5ZUTnXDrp4HCqX5Cw&sai=AMfl-YTCQeRHion2XFc9Kp1iWxX0L_fx9XmaObEE8_xJMqr45UFTNbtCMQ5m70yTGG2sDoRUEe57I62rYv3ARaLXZ_vMGh6zpxJGZZivnxGMn7Z-8IbePL2k-mN7PB0Ir4tz&sig=Cg0ArKJSzFOMYtG42LbLEAE&cid=CAASPeRoWACH8HlrEaHv_Oel9BuqPsuEHbIvatHQXX7iufHlCZtpcLgEbEekc_mowYtS4J-SDEE_GfuhS5nilDQ&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30293%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1641692152466&avm=1
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 75DA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHLtC9jvaYbeIIYnL7_UPmtSAoAGIwsnTZ7uU3_n4DqGvjMiuJxABIMfHnyNgu76cg9AKoAHQtvqqAcgBBagDAcgDmwSqBN8BT9Ad_INpEk7u0V2WD5ry-nlRbNa5nd0YXdtzUo4_BYQf_inJBOof2FKKDLRyj8DO64Ytn1f9rUU2f4Q3tOd5ixJtSMSwG7YErJFBECvJl5RLjRKF_dXNov8Dkp66qLPMRlOSBk-dGoIiV03hgUcmyp-VgppYzSdu6QuRxjgYF7ed2Dsu0LpgibQRyCZnfjiDfJAsBqg20xdpY1bnVa1M4lVGnH_OzBM_WCltM4q1KUNZDKpb9RJ3MAYpDAlV5pVm-tfcXau5quJ8_n-EodW9-r_aEIkgDXxM2NTw9AQkksAErt7xnNwD4AQDkAYBoAZOgAeYyYXVAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATuZHnDdATANgTA4gUSdgUAdAVAYAXAQ&sigh=XA8VBGFDUBU&label=vast_creativeview&ad_mt=4&acvw=sv%3D20211103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30293%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1641692152466
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 75DA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ky6l4brt&c=1212803427979&slotId=606401713989.5&qqid=CLfb2uvDo_UCFYnluwgdGioAFA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=944&mt=video%2Fmp4&vs=640x360&dm=30000&event_name=first_play&asset_bytes=234316&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=13&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1lf~videopreviewstarted.1lh
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 5C4A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SXpES0Cnp0MyBTA3fU2MrPfiZCXb8MXQKkbyTqmUndDnelXMKqSZRD64IYxhuH2zS6aIzm3V9IIFOpRazW9hGuaHeLjYQ7xQtMQRO6IaBtnSoBwIxBxSt97ZYrzCvk5NNOb8SzqWHGnjjcJZC2zqrcrfRnYbDTyWU3sGZSWjXLRQao7nxsHYYz0tmbZi985qHyZBzKsXJ0KKygYeKqwsZvRln7qcJy5wkJIFiQ23bTyZ7UGNHM61RLK1OBcV0OALKlAIwg&sds=2&rev=79985.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:35:51 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
cookiesyncendpoint
sync.aniview.com/ Frame 442F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1641692152008-988194208614-007202-009-006442%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1641692152008-988194208614-007202-009-006442&biddername=55&key=2225192029448763184
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1641692152008-988194208614-007202-009-006442&biddername=55&key=2225192029448763184
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.213.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-213-70.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-length
0

Redirect headers

Server
nginx/1.17.9
Date
Sun, 09 Jan 2022 01:35:52 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1641692152008-988194208614-007202-009-006442&biddername=55&key=2225192029448763184
AN-X-Request-Uuid
b63b1877-fe63-4f69-b728-02b5bef2f699
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
avpb3.js
player.aniview.com/script/6.1/ Frame B8E1 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0c8de3a334754a312eae4a2e9c981f57d71052818d1e1ae26424df244a1d1a1d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvep-E9usLsKth49Ca9VTy8Uj5Mpx9zWT32Psb9kQ7EKJ5ekHKomuelHchyurcE-DKXv4sxjY8AkPD7CvkOSwim6ceY5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Tue, 04 Jan 2022 12:50:36 GMT
server
UploadServer
etag
"3ee5f7000f64e3442d18317708c163a1"
vary
Accept-Encoding
x-goog-hash
crc32c=kuHJCg==, md5=PuX3AA9k40QtGDF3CMFjoQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1641300636602977
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 09 Jan 2022 01:40:52 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1641692152520&asid=617aaee6e722602893160f68%2C60cb5f4d3b6dc13cf26e7244%2C61a61665d92edb0e8d6d3a17%2C60b644b003b35f554016ae95%2C60ec3b2fad82767bad1984b6&ofpr=%2C%2C%2C0.83%2C0.5&fpo=%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40E0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=495189319852117&bg=!ExClEFTNAAbDtiZlw7Y7ACkAdvg8Wkf7MdiWcJWOFcBeVPuXe4EIZYMHtIPutuSj2c10R8va3Xeu3wIAAAB1UgAAABJoAQcKAMhB8Fs6sBBiqQhnLwln9HxSrrS20meF4V7y2aZygzw38w_N2zpxRGBm-xWRT9bwUVtUuuTrpAgnNB83SHwMaawRi0AxeOsVF_ELKGcQ-0STRJ9EL99dgNc4GWnzw-YmjMAzNw_CMkNzjwpC4KStPdcsvUjbj5NnEo43HPWEbhQlDG325PBs4BNRvVBnx0m1yYz6Izmo4LMbciYupCj7u5cusTSDLp93kAXbdb2E1meRjnrTlpv525nOnEJAAEGP6cgIwOKdn40x55kClpokLeg3b7AgJoeYOcKzWYwhwuS5yqb6h60nlqQV4dwoxrixQ1DBYMLZ2Ye2FlmbZZyepnHHM0VQVPMZ5Jk6b7dmb-CNZtzqPqdwe-E_RtdS-ObRX4ms-emZ5IZyxJD-00A5LJoT87GuinYn_OACoqHXt2jtosxQDVtQoEEfK8gH4Wt9y3qJhCv4OikZQ9MO2Rlla936_ACWwFSko0O3XPCe0zSIsxmjBElFg25JP2-TMzDZHRSM2_c_2_ZafsmXdB3nST_Eg-Nn23fk3R37f1tmppVjPTfpIp21q51Srrp3FKVP12N7iohuJchDiw-EBBNZyaTLZiOUW2xRiUH8N9eNcm9P6XOrE_GdGsi7vjj5-GBQZ854QwB6tUq4NSNbNv_GckcQ3CW9evDeYbYVTXVX1yQ256a0lGkkv4jbEsKoCoYM18Hic2W6hntbfKDfDJHop1d4l2ASNFxI-pNNAxee688ofdJLVBBr85Ivmd-gmTLjt5ioXz6owaqCV2ktMjWbjRok6sZzXFzUToQ3sZrAXMo9LnE4Pl7pKpnjZkFjUzvHgeDeX2nQ6t0ZM1Quuc34sStjZp46SbODDKsc9dfbf3E3M3ttCFaofDXrYho9n8WLzQZxBNzkDqinXXjQ96xDpe9mgNyQ6WK8dLgAozFBumakLD0newP0gK1AAyaXvY-1fF_Xxnnfop3qmlQkcUzwntZQL8XsOdAZEluNNsmdTTazGo6ynkiB65nYPECJa0vrsgH5OS_I415KGpGCZRhUVjhMiDoh2Ywn4Z4djHe3g0TG89jcdii_9mgYGJkNX_Vu4NaSz2_6fqf4SxU-jvKaC9irpVausMZ0ihUJkDLYEH5CxlGSy3dQc1gHu6HSsHOomjHs
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 09 Jan 2022 01:35:52 GMT
X-SpotX-Timing-Transform
0.000231
X-SpotX-Timing-SpotMarket
0.003233
X-SpotX-Timing-Page-Mux
0.000771
X-SpotX-Timing-Page-Require
0.000346
X-fe
114
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000001
X-SpotX-Timing-Page
0.006395
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000293
Last-Modified
Sun, 09 Jan 2022 01:35:52 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003233
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://vnexpress.net
X-SpotX-Timing-Page-Misc
0.001508
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692152722&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 7E10 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692153.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame E78C 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692153.cds057.am5.hn,1641692153.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame 14A8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=3222032697&adsafe=medium&client=ca-pub-5722610347565274&format=300x600_as&ip=82.199.130.0&output=html&unviewed_position_start=1&url=https://vnexpress.net&sub_client=bidder-570660&aceid=MFYXtAAlGLQA-VU0AWZaNAEvYzQBZ280AcJvNAHMbzQBUnA0AbZwNAHNcDQB3XA0Ae5wNAFmcTQBbHE0AXhxNAGHcTQBk3E0AdFxNAHccTQB33E0AelxNAHxcTQB_XE0AQFyNAEDcjQBBXI0AQdyNAFLc0EBU3NBAVhzQQEs_dkBOMhcAtf2iAJB94gC3PmIAidCqgIoQqoCK0KqAl9bqgLQYaoCSHKqAv54qgIoiqoCrpaqAoCbqgKBm6oCgpuqAtqeqgJDoqoCpaaqAhanqgKmp6oCA6iqAqKoqgLiqaoCtKuqAiusqgIdrqoCBa-qApWvqgJ2sKoCebCqAoCwqgKCsKoCibCqAh6zqgLFtaoCnLuqAgG9qgLXvqoCZb-qArzBqgISx6oCtcyqAtXMqgJizaoCz82qAjHOqgIC0aoCb9GqAg3VqgJ81aoCedaqAtvWqgII26oCHtuqAprbqgJN3KoC5N2qAjfeqgJV3qoCfN6qArveqgK_4KoCw-CqAsjgqgK04aoC-OGqAmPjqgIk5KoCa-SqAqDlqgKv6KoCWemqArnpqgI-66oCueuqAsrrqgJV7KoCxeyqAlvtqgJk7qoCAO-qAk3vqgKQ76oCq--qArTvqgK876oCzO-qAurvqgLy76oC-e-qAgTwqgKDMtoCqLPFBWqj-xI_sfsSWrH7EmCx-xLUufsSUMb7EgrK-xLO0fsS49H7EpDS-xK21vsSu9z7Eprg-xLv5vsS7-v7EoDs-xKB7fsSbO77EuPu-xJj7_sSw-_7Ejnx-xKWZmQTZ13QExplcRZtFvcX-FZrGn_LtS4rIvpCRxsHagnS626CY2R-&awbid_c=AKAmf-BN70D1bsNc-lhEZbgvHjRcenW2VK1HGLbjMacE9sGnWb-YUENvXmgoR8DdjAEIx7P7JMvSGmbo6nxfmCaUTfZ43rv2XKkmELH-Qj6sVJybVXIRq0lh-HeYrO0nMyiscQ-5hIvkveGsyqgLf6Jxhzj3pRFe-hgl_CDduFtPyw2HJ6Qo_8c&awbid_d=AKAmf-ByTsuUlrc7ii75jtmhi2vw6IQsQLG132aAA2lcfvZq8x1XBcSOx53bmd_GD8aj9UC9BuR_MpwXA1io-Mgmjrp47BLb99LiqQFK2ysiFHdkyXzCsjXnUdCTSEnVVj5t6ipgYJQepXm8-ESkYSlN2It5JhTiFLztVFWyg5IL3J0m4BvZSwh19ziTWZ3WoBmWxJunGn1eNOyFyRFWxVgke8F3dOP4QIWvoRIp19TS5fRaRC27QoWDKtNZFRvJ3iWY27iPAiakI46kQKStCplLR9ogIm_SprJ5RNeGvt_l6v76MBC_JzzrR8Lnpyx3KkUz_dhtbffF9kmR8tew1j12aWErKGxuoTBuapaBirlYc_AfbIuX9YsPCEQqrbzurIR3JgIiXFlpkHbwR27RdVZnfZJvixCAXQpcCT_S_4OSO94Rz018LEnXpn8jHYRkXWCRbCBNDeN76YS7jBAEJiRxb3fzTOjSO-qXocNHKqy7u3m6TsUQbEmEcdiv_0mVoRuXPQatT4AO8dsfIIGnTU6EgHiHCr2qaKge2HsvSQhEl6JWzLRzlQMjfW1eFmzY5SDtBbRFUEbPEf2qwxZTGqiwjHIsSnJ6P_joeLu3iv211Da7MRMZR6v3-cbHh46vW-lnPyQN4ARTgwlMC0gRrERw7VjCsKcpqs9Y-vokzuazQJTB-18nM0XYpq_QsfZ5V2uCyJ3QOXj7aAzj8UI48Ds3UUUTPXeZeyHCK6PalHoOeHSFwdVdrs4&cid=CAASBORoYlw&exk=1595218560&rfl=https%3A%2F%2Fvnexpress.net%2F&a_pr=13:Ydo79gAAAABeaOYj7INP9jHlq_rb02aOHtaOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 18:05:47 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1641692153012&asid=617aaee6e722602893160f68%2C60cb5f4d3b6dc13cf26e7244%2C61a61665d92edb0e8d6d3a17&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B8E1 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c319e78dbad0308e0d0fa9a68c684df9100b7831b8ac456f05a7a31d75a3addc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Sun, 09 Jan 2022 01:35:53 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame A63F 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692153.cds057.am5.hn,1641692153.cds257.am5.c
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F91D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=129613
expires
Mon, 10 Jan 2022 13:36:06 GMT
date
Sun, 09 Jan 2022 01:35:53 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CB63 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 07 Jan 2022 02:32:30 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 09 Jan 2022 01:35:53 GMT
Age
83000
X-Served-By
cache-lga21971-LGA, cache-hhn4059-HHN
X-Cache
HIT, HIT
X-Cache-Hits
2, 1124021
X-Timer
S1641692153.374246,VS0,VE0
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 512E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cPJapwk1ur64knaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

x-33x-status
2000208
server
33XP004
date
Sun, 09 Jan 2022 01:35:53 GMT
464986.gif
idsync.rlcdn.com/ Frame A63F
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
  • https://idsync.rlcdn.com/464986.gif?partner_uid=XUaOyOgmZWs
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=XUaOyOgmZWs
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Sun, 09 Jan 2022 01:35:53 GMT
server
nginx
location
https://idsync.rlcdn.com/464986.gif?partner_uid=XUaOyOgmZWs
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
lkqd
event.clientgear.com/cookie/ Frame A63F
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=EZyDjihrSWA
0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=EZyDjihrSWA
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-length
0

Redirect headers

date
Sun, 09 Jan 2022 01:35:53 GMT
server
nginx
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=EZyDjihrSWA
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame A63F
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=KxFYDAyjl4g&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7de7a766-2c60-4e06-bde7-59125d4c36af
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7de7a766-2c60-4e06-bde7-59125d4c36af
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:54 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=7de7a766-2c60-4e06-bde7-59125d4c36af
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame A63F
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=7SLg1syEHks
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=7SLg1syEHks
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
52.18.103.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-103-74.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 09 Jan 2022 01:35:53 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=7SLg1syEHks
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame A63F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8107759937123472539
43 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8107759937123472539
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8107759937123472539
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ad
v.lkqd.net/ Frame E78C 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692152087&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
c36ae13b9fc95a7e72fe046d52c2da404de109f222f50a1bdf6c350987e932c7

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3055
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692152087&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:53 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame DAA7 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame B8E1 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jan 2022 01:35:53 GMT
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 81DF 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 887C 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28846
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame B8E1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5DBF 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F01D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 7E10 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692153378
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:53 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692153.cds233.am5.shn,1641692153.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
wGbQAlJJ
sync-tm.everesttech.net/upi/pid/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=61ca7663dc3a6aa2704f1c13f2de1ad&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc029_7051014107235484574
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjFjYTc2NjNkYzNhNmFhMjcwNGYxYzEzZjJkZTFhZA==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFuM1Fec93WOAtYiBRs7wi0&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e264eca7-474f-4729-b4ee-b407bfbc0deb
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/61ca7663dc3a6aa2704f1c13f2de1ad?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-BETq7HJE2oNPx_5kqr0gSGYPlUjVpi5PPdHovkY6~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2225192029448763184
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=7zzDz4mE1N6n7I5&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3034309312447776064
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AB-oM07DtHgAAD_Q9Q76GQ&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 7E10 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:53 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692153156064-376
Expires
Sun, 09 Jan 2022 01:35:53 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 7E10 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692152086&series=575892314681412188&_fw_gdpr_consent=&vav=4140aeda607cd2f15dcf1a415ae0bef8&vaviv=14f4cdfd380b9c51cdad2ec2899fcf34&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:53 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692152984090-345
Expires
Sun, 09 Jan 2022 01:35:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3C63 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
t
t.lkqd.net/ Frame 23F6 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:53 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
async_usersync
ib.adnxs.com/ Frame CB63 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:53 GMT
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2579ff48-1c6d-464d-9d38-c8784377165c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F91D 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89472922&p=158804&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6ee8f418d9f3642bb69278c7809e0d2f93ab51f7d6a38dca56248c59a6d56081

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 050C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159970
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=129613
expires
Mon, 10 Jan 2022 13:36:06 GMT
date
Sun, 09 Jan 2022 01:35:53 GMT
vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/ Frame DAA7 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fcygobel7047%2Fvast5cygobel&description_url=rushcrunch.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=983577196305673&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3016455354&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692153711&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=1320202290744681&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 81DF 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2460257781462197&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3094699003&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692153713&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=801608007371479&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 887C 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fcygobel8204%2Fvast5cygobel&description_url=missyusa.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4444596814996307&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1241381472&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692153718&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=2144272140718711&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame E39D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:53 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 09 Jan 2022 01:35:53 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame CB22
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8290923107004405806
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8290923107004405806
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 08 Jan 2022 22:24:12 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0027:0:326
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8290923107004405806
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 405B 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sun, 09 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
367298
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 54DB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051014107245574290
42 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051014107245574290
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 08 Jan 2022 22:24:12 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0027:0:429
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 09 Jan 2022 01:35:53 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051014107245574290
Pug
simage2.pubmatic.com/AdServer/ Frame F8BB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ydo7_QAEL6xxdQAm&gdpr=0&gdpr_consent=&_test=Ydo7_QAEL6xxdQAm
1 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ydo7_QAEL6xxdQAm&gdpr=0&gdpr_consent=&_test=Ydo7_QAEL6xxdQAm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:53 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug007:0:491
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ydo7_QAEL6xxdQAm&gdpr=0&gdpr_consent=&_test=Ydo7_QAEL6xxdQAm
accept-ranges
bytes
date
Sun, 09 Jan 2022 01:35:54 GMT
via
1.1 varnish
x-served-by
cache-hhn4080-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1641692154.044168,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 891E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ravoHU0BQ6dCwkBdd_h-u1LHgig
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ravoHU0BQ6dCwkBdd_h-u1LHgig
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 09 Jan 2022 00:47:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0025:0:327
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Sun, 09 Jan 2022 01:35:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ravoHU0BQ6dCwkBdd_h-u1LHgig
Content-Length
159
Connection
keep-alive
adx
match.prod.bidr.io/cookie-sync/ Frame C70E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUItb00wN0R0SGdBQURfUTlRNzZHUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Sun, 09 Jan 2022 01:35:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Sun, 09 Jan 2022 01:35:54 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F91D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ffN_i6_yQNGnEX28Zm28gA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=129613
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 10 Jan 2022 13:36:06 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=74bc61da-3bf9-4700-bcff-d347d43c2aea
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=74bc61da-3bf9-4700-bcff-d347d43c2aea
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 09 Jan 2022 01:35:53 GMT
Server
MT3 4133 baa842e master cdg-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=74bc61da-3bf9-4700-bcff-d347d43c2aea
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 09 Jan 2022 01:35:52 GMT
/
pixel.onaudience.com/ Frame F91D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=62e567d12a34a6a0abb9b379135747e4
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=62e567d12a34a6a0abb9b379135747e4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
HTTP/1.1
Server
51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-1.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sun, 09 Jan 2022 01:35:54 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=62e567d12a34a6a0abb9b379135747e4
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0RGMzdGOEItQUZGMi00MEQxLUE3MTEtN0RCQzY2NkRCQzgw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:496
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKbq4YTNKmQIx2ljB7p1wM0&google_cver=1
42 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKbq4YTNKmQIx2ljB7p1wM0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:52 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:385
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKbq4YTNKmQIx2ljB7p1wM0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F91D 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 08 Jan 2022 01:35:53 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 09 Jan 2022 01:35:53 GMT
Server
MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 09 Jan 2022 01:35:52 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3963778990808868709
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3963778990808868709
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:349
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3963778990808868709
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e264eca7-474f-4729-b4ee-b407bfbc0deb
42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e264eca7-474f-4729-b4ee-b407bfbc0deb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:439
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e264eca7-474f-4729-b4ee-b407bfbc0deb
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2225192029448763184&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2225192029448763184&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:47:38 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0025:0:301
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:53 GMT
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d60fa49c-4935-458a-94d3-70891583c890
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2225192029448763184&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-klDVAV5E2uUZTdGpmqGqljBcey9TFy0-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-klDVAV5E2uUZTdGpmqGqljBcey9TFy0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 23:50:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-klDVAV5E2uUZTdGpmqGqljBcey9TFy0-~A&gdpr=0&gdpr_consent=
date
Sun, 09 Jan 2022 01:35:53 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F91D 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7DF37F8B-AFF2-40D1-A711-7DBC666DBC80?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-WXGEPw2xEniZsdJrGaPQ_Zlw0DiNZdF92fHjRQT
42 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-WXGEPw2xEniZsdJrGaPQ_Zlw0DiNZdF92fHjRQT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:362
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-WXGEPw2xEniZsdJrGaPQ_Zlw0DiNZdF92fHjRQT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=03515ecb-0b62-45be-ab21-2992b91fc3d6
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk88405a62-5149-48c8-891f-3e818a5e289d&expires=7&user_group=5&ssp=pubmatic&bsw_param=03515ecb-0b62-45be-ab21-2992b91fc3d6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=03515ecb-0b62-45be-ab21-2992b91fc3d6&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=03515ecb-0b62-45be-ab21-2992b91fc3d6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:418
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=03515ecb-0b62-45be-ab21-2992b91fc3d6&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 09 Jan 2022 01:35:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8107759937123472539&gdpr=0&gdpr_consent=&us_privacy=
1 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8107759937123472539&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 22:20:44 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:298
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8107759937123472539&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame F91D 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame F91D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:576
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:53 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie.php
optimize.urekamedia.com/ Frame 86D1 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=13164169215156&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/optimizes.js?m=1874508&apnx_segment=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.212.217.26 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
nginx/1.21.5 / PHP/5.6.40
Resource Hash
8629ab4146655f94c127a70bdfd8272cbd06f97c7fc3f8322b9a284eb0362822

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

Server
nginx/1.21.5
Date
Sun, 09 Jan 2022 01:35:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
Access-Control-Allow-Origin
*
Cache-control
private
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:53 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692153289093-405
Expires
Sun, 09 Jan 2022 01:35:53 GMT
advast
ice.360yield.com/ 		27 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:53 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=1215041020&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
a859cf8b40f088b325f2ac3b1b86574d3461eab092b1256b98db87e348a8b2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
927
expires
0
t
t.lkqd.net/ Frame 23F6 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:54 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:54 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:54 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 23F6 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 23F6 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1641692154122&asid=61a61665d92edb0e8d6d3a17%2C617aaee6e722602893160f68%2C60cb5f4d3b6dc13cf26e7244%2C60b644b003b35f554016ae95%2C60ec3b2fad82767bad1984b6&ofpr=%2C%2C%2C0.83%2C0.5&fpo=%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 09 Jan 2022 01:35:54 GMT
X-SpotX-Timing-Transform
0.000284
X-SpotX-Timing-SpotMarket
0.003981
X-SpotX-Timing-Page-Mux
0.001025
X-SpotX-Timing-Page-Require
0.000400
X-fe
063
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.008613
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000355
Last-Modified
Sun, 09 Jan 2022 01:35:54 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003981
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://vnexpress.net
X-SpotX-Timing-Page-Misc
0.002522
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1641692154264&asid=61a61665d92edb0e8d6d3a17%2C617aaee6e722602893160f68%2C60cb5f4d3b6dc13cf26e7244&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 8C75 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame B8E1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 8C85 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame E14F 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0A79 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 01D8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C8E9 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
async_usersync
ib.adnxs.com/ Frame CB63 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:54 GMT
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8829ac2d-92c8-4012-a316-1cac07df122a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8C75 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fcygobel7047%2Fvast5cygobel&description_url=rushcrunch.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3069726587998190&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2788182303&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692154493&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=341498071103479&ged=ve4_td2_tt0_pd2_la2000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp.min.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ Frame 86D1 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
Requested by
Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=13164169215156&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4846f4c95a0bf63f8651d03f7373ea733512717b57b1660c7f63369d192077c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://optimize.urekamedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
16035
x-jsd-version
3.3.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19124-FRA, cache-lcy19260-LCY
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"7af6-4WCxngefLhA4Z2VMIul7jpj/MDc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ca9ee7e5bab76bd-LHR
data-apnx
optimize.urekamedia.com/ Frame 86D1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://optimize.urekamedia.com/data-apnx?user_id=$UID&uid=13164169215156&url=https://vnexpress.net/
  • https://optimize.urekamedia.com/data-apnx?user_id=2225192029448763184&uid=13164169215156&url=https://vnexpress.net/
95 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimize.urekamedia.com/data-apnx?user_id=2225192029448763184&uid=13164169215156&url=https://vnexpress.net/
Requested by
Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=13164169215156&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Protocol
HTTP/1.1
Server
125.212.217.26 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
nginx/1.21.5 / PHP/5.6.40
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://optimize.urekamedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:55 GMT
Server
nginx/1.21.5
X-Powered-By
PHP/5.6.40
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-control
private
Connection
close
alt-svc
clear
Content-Length
95

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:54 GMT
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
237434e5-684a-4339-b5f5-9c8271a1832d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://optimize.urekamedia.com/data-apnx?user_id=2225192029448763184&uid=13164169215156&url=https://vnexpress.net/
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame 86D1 		0
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/seg?add=&t=1
Requested by
Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=13164169215156&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://optimize.urekamedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:54 GMT
X-Proxy-Origin
82.199.130.40; 82.199.130.40; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
269f12fe-d244-435b-abf5-f11e789f2a41
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8C85 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=72239060256111&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1021525369&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692154589&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=3206491816169974&ged=ve4_td3_tt1_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:35:54 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692154636
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
41ee115ee5b6e9379eee8eff0fda7105db51d211f2508f087a8a14f6c64710b5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:54 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692154057090-332
Expires
Sun, 09 Jan 2022 01:35:54 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692154636
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
89475e3de1dc8f8dc4047ce08e78decc74ba34e1d1a5976575b11a4c9da19228

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1318
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692154636&asid=5f8fa1ee713056439365ef64%2C5fed564af85e674fd7743e89%2C5fb766e909e8a7781132bf27%2C605424ee9b78ee5fe94060a9%2C5f0d606459839f7d1d016397%2C61bb0d65cc98767fac45f024&ofpr=%2C3%2C3%2C1%2C%2C3&fpo=%2C%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
c
prebid.a-mo.net/a/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
65
vary
origin, Accept-Encoding
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
79eee8e782af82c64067b97dec9f8aff98fb2b672d2a40d8b43e2aade3cc6a1e

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
ads
pubads.g.doubleclick.net/gampad/ Frame E14F 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fcygobel8204%2Fvast5cygobel&description_url=missyusa.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=615237161987566&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1243590790&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692154642&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=1564174774512085&ged=ve4_td3_tt1_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get-data
optimize.urekamedia.com/ Frame 86D1 		11 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimize.urekamedia.com/get-data
Requested by
Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=13164169215156&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.212.217.26 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software
nginx/1.21.5 / PHP/5.6.40
Resource Hash
d754119bbec82eb1b4a74b38d4e73071fdbaddbaa887121839b92f7d3d636b2f

Request headers

Referer
https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=13164169215156&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarybqEyK3qPA285jJ2R

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 09 Jan 2022 01:35:55 GMT
Server
nginx/1.21.5
Connection
close
X-Powered-By
PHP/5.6.40
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D2027,0,0,0,0%26mtos%3...
ade.googlesyndication.com/ddm/activity/ Frame 75DA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D2027,0,0,0,0%26mtos%3D2027,2027,2027,2027,2027%26amtos%3D0,0,0,0,0%26mcvt%3D2027%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2187%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D1%26dur%3D30293%26vmtime%3D2192%26dtos%3D2027%26dtoss%3D1%26dvs%3D2027%26dfvs%3D2027%26dvpt%3D2187%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2027;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1641692152466;ecn1=1;etm1=0;eid1=200000;
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 75DA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCe2LfzjL2JCf2Bbgq_-7wHKm010IA8tJTE937YW4I5HBEoMW1APFk_hutRWomBMZZZvazHtChEWB466Xzid1AHkf2zikCzgW5Z5ZUTnXDrp4HCqX5Cw&sai=AMfl-YTCQeRHion2XFc9Kp1iWxX0L_fx9XmaObEE8_xJMqr45UFTNbtCMQ5m70yTGG2sDoRUEe57I62rYv3ARaLXZ_vMGh6zpxJGZZivnxGMn7Z-8IbePL2k-mN7PB0Ir4tz&sig=Cg0ArKJSzFOMYtG42LbLEAE&cid=CAASPeRoWACH8HlrEaHv_Oel9BuqPsuEHbIvatHQXX7iufHlCZtpcLgEbEekc_mowYtS4J-SDEE_GfuhS5nilDQ&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D2027,0,0,0,0%26mtos%3D2027,2027,2027,2027,2027%26amtos%3D0,0,0,0,0%26mcvt%3D2027%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2187%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D1%26dur%3D30293%26vmtime%3D2192%26dtos%3D2027%26dtoss%3D1%26dvs%3D2027%26dfvs%3D2027%26dvpt%3D2187%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2027&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1641692152466
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
tapestry.tapad.com/tapestry/ Frame 86D1 		95 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=3099&ta_partner_did=13164169215156&ta_format=png
Requested by
Host: optimize.urekamedia.com
URL: https://optimize.urekamedia.com/cookie.php?code=1874508&type=media&apnx_segment=&referrer=&site_lang=&gauid=&urk_id=&ck=13164169215156&clickid=&offerid=&ordernumber=&amount=&webs=https%3A%2F%2Fvnexpress.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://optimize.urekamedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692154824&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame B5A7 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692154.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame 9958 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692154.cds057.am5.hn,1641692154.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 5E49 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692154.cds057.am5.hn,1641692154.cds257.am5.c
access-control-allow-origin
*
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame B5A7 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692154944
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:55 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692155.cds233.am5.shn,1641692155.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame B5A7 		0
0
dmp
vop.sundaysky.com/sync/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdp...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Ydo7_QAEL6xxdQAm&gdpr=0&gdpr_consent=null
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AB-oM07DtHgAAD_Q9Q76GQ&gdpr=0&gdpr_consent=null
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=8107759937123472539
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4090273&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=7d73659b-70ec-11ec-a4fc-35d6da22ce9f
  • https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=072a220403ce1ede416ef737&gdpr=0&gdprConsent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D&gdpr=0
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&partner_url=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataPr...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&gdpr=0
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=072a220403ce1ede416ef737&159=CAESEFuM1Fec93WOAtYiBRs7wi0&17...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=pc029_7051014107235484574
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame B5A7 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:55 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692154553080-411
Expires
Sun, 09 Jan 2022 01:35:55 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame B5A7 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692154636&series=575892314681412188&_fw_gdpr_consent=&vav=6fe8244899d96969eba336addca06df3&vaviv=0882d0ce9f13ac5ef13f3a553960f643&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:55 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692154434092-372
Expires
Sun, 09 Jan 2022 01:35:55 GMT
cs
cs.lkqd.net/ Frame 5E49
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ravoHU0BQ6dCwkBdd_h-u1LHgig
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ravoHU0BQ6dCwkBdd_h-u1LHgig
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ravoHU0BQ6dCwkBdd_h-u1LHgig
Date
Sun, 09 Jan 2022 01:35:55 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 5E49
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50
date
Sun, 09 Jan 2022 01:35:55 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
clear
content-length
0
cm
p.rfihub.com/ Frame 5E49 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:55 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame 5E49
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
  • https://a.tribalfusion.com/i.match?p=b30&u=KxFYDAyjl4g&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://s.tribalfusion.com/z/i.match?p=b30&u=KxFYDAyjl4g&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662314884195622
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662314884195622
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:55 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1418
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ca9ee839eb988b0-LHR
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662314884195622
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
lkq
match.prod.bidr.io/cookie-sync/ Frame 5E49 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:55 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1641692155007&asid=60cb5f4d3b6dc13cf26e7244%2C617aaee6e722602893160f68%2C61a61665d92edb0e8d6d3a17%2C60b644b003b35f554016ae95%2C60ec3b2fad82767bad1984b6&ofpr=%2C%2C%2C0.83%2C0.5&fpo=%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 09 Jan 2022 01:35:55 GMT
X-SpotX-Timing-Transform
0.000255
X-SpotX-Timing-SpotMarket
0.005243
X-SpotX-Timing-Page-Mux
0.000774
X-SpotX-Timing-Page-Require
0.000293
X-fe
127
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000020
X-SpotX-Timing-Page
0.009020
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000282
Last-Modified
Sun, 09 Jan 2022 01:35:55 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005243
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://vnexpress.net
X-SpotX-Timing-Page-Misc
0.002143
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1641692155128&asid=60cb5f4d3b6dc13cf26e7244%2C617aaee6e722602893160f68%2C61a61665d92edb0e8d6d3a17&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ad
v.lkqd.net/ Frame 9958 		21 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692154636&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
407a8d1dfa5ecb22ae6cd3104c09c2c193d010e0acec947c4d6f4c555c4b5c82

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3392
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692154636&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:55 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 8CA9 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 100C 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame B8E1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame EF05 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 89DF 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6C09 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6C7A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1E04 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:56:34 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 100C 		70 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fcygobel7047%2Fvast5cygobel&description_url=rushcrunch.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1738461230371360&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1938140557&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692155362&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=3014854227971687&ged=ve4_td3_tt1_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a47576973ea493cec903b80575fe79a4e108dcecac72dbff08ddce06e09a833c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14901
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EF05 		156 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4240388748733022&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3180777092&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692155432&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=3685196764238131&ged=ve4_td3_tt1_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:55 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692155234035-351
Expires
Sun, 09 Jan 2022 01:35:55 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:55 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=1625820116&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
a3edd55939fb0c18a9d51db07f652e6d5508c90d2d0a862a2091ae2c62759e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
926
expires
0
ads
pubads.g.doubleclick.net/gampad/ Frame 89DF 		156 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fcygobel8204%2Fvast5cygobel&description_url=missyusa.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2171358623812697&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2480863784&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=B64F5360-094A-46F8-9BB8-B4D81A204C81&nel=1&eid=44750604%2C44754420&url=https%3A%2F%2Fvnexpress.net%2F&dt=1641692155486&cookie=ID%3Dc7019873f4976685%3AT%3D1641692150%3AS%3DALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg&scor=4335386455854837&ged=ve4_td3_tt1_pd3_la3000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 8CA9 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
truncated
/ 		581 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:55 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 8CA9 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 8CA9 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
csi
csi.gstatic.com/ Frame 100C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ky6l4e5n&c=788624227306&slotId=394312113653&qqid=CLXJhO7Do_UCFfHuuwgdaWcDew&gqid=-zvaYdmeGIqT7_UPj6egmAQ&fb=ima_html5-lima&sdkv=h.3.494.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44750604%2C44754420&met.4=ghmsh_s.ky6l4eda~ghmsh_s.ky6l4edb&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=eDNaRUvBEmi5IX3g
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 100C 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-4083612996934505
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:48:01 GMT
x-content-type-options
nosniff
age
2874
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jan 2022 01:38:01 GMT
AKedOLR23R_gBYaNhcd2u2Ps8l8FvTNDncrC7_4e7-fMtg=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 100C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLR23R_gBYaNhcd2u2Ps8l8FvTNDncrC7_4e7-fMtg=s48-c-k-c0x00ffffff-no-rj
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3300fe4b85cf0b182d9683fdb25d2e5b17d21e8267079ca35906725cf6310c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 00:19:20 GMT
x-content-type-options
nosniff
age
4595
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
fife
etag
"v1a1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 05:41:04 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1BvD-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBO0BT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3MekBGujKygA4jjLrES5F5RI8rsnFlkUjbJu3_DUS0i9hjqA6GBe3LwrvLinwqhwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWxCX6EnMTf8pWMgAoDmAsByAsB0AsPuAwB2BMC0BUBmBYBgBcB&sigh=6Sz2zk1DCt4&label=show_ad&acvw=&sdkv=h.3.494.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMTg5MTY1NzIzMzIMNTcwNTE3OTc4MjE1QNIBUh0QDyUAACBCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 100C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CXEVa-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBOoBT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3NGkdOWh_YSIhpI8iA2Ds8vmSyBLpdGTTx1sVHboobcm6ounbStY9sJJ9YIwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCjlqsEqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zMzY0MjI3MTMwODc3NDU1gAoDyAsBwhMGGMyWkuQC2BMC0BUBmBYBgBcBshceChwIABIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAY4cBr&sigh=ER0L6mNngz4&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&vt=10&sdkv=h.3.494.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMTg5MTY1NzIzMzIMNTcwNTE3OTc4MjE1QNIBUh0QDyUAACBCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
truncated
/ Frame 100C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ Frame B8E1 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ky6l4cm1&c=788624227306&slotId=394312113653&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 100C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.494.0&e=44750604%2C44754420&id=ima_html5&c=92599048343321&domain=vnexpress.net
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-h0jeenek.googlevideo.com/
Redirect Chain
  • https://rr3---sn-h0jelne7.googlevideo.com/videoplayback?expire=1641720955&ei=-zvaYeGGH-eJ6dsPjYei6As&ip=82.199.130.40&id=92294c809deb1d41&itag=22&source=youtube&requiressl=yes&mh=mT&mm=31&mn=sn-h0j...
  • https://rr3---sn-h0jeenek.googlevideo.com/videoplayback?expire=1641720955&ei=-zvaYeGGH-eJ6dsPjYei6As&ip=82.199.130.40&id=92294c809deb1d41&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&cti...
3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-h0jeenek.googlevideo.com/videoplayback?expire=1641720955&ei=-zvaYeGGH-eJ6dsPjYei6As&ip=82.199.130.40&id=92294c809deb1d41&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=40.077&lmt=1641048891087483&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhANKAjR-_O9hhNs0qdq3hdQzK54ltcnqm3YaY9LGGXK_yAiEAmQmtRdw5eja7t0EGyE8SOch1-iy5V-3bfxO-tfo9gNM=&cpn=eDNaRUvBEmi5IX3g&redirect_counter=1&rm=sn-h0jld7s&req_id=6c5e6ab5936a36e2&cms_redirect=yes&ipbypass=yes&mh=mT&mip=2a01:4a0:2c::5&mm=31&mn=sn-h0jeenek&ms=au&mt=1641691444&mv=u&mvi=3&pl=46&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMGT-r4jUK9c-EXeviuijGvhbGFylm12cpdyCgJy4wDfAiAGKXSOScdUQxLcDFZXeXjizdeoKwGNrC05EXuQZibmJw%3D%3D
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Server
2a00:1450:4021::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
25a789fe9c2b44e08afa673df8bd2d873ea178e4b40275413d0d0f1ea15603c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 01 Jan 2022 14:54:51 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-3640421/3640422
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3640422
Expires
Sun, 09 Jan 2022 01:35:56 GMT

Redirect headers

Date
Sun, 09 Jan 2022 01:35:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr3---sn-h0jeenek.googlevideo.com/videoplayback?expire=1641720955&ei=-zvaYeGGH-eJ6dsPjYei6As&ip=82.199.130.40&id=92294c809deb1d41&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=40.077&lmt=1641048891087483&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhANKAjR-_O9hhNs0qdq3hdQzK54ltcnqm3YaY9LGGXK_yAiEAmQmtRdw5eja7t0EGyE8SOch1-iy5V-3bfxO-tfo9gNM=&cpn=eDNaRUvBEmi5IX3g&redirect_counter=1&rm=sn-h0jld7s&req_id=6c5e6ab5936a36e2&cms_redirect=yes&ipbypass=yes&mh=mT&mip=2a01:4a0:2c::5&mm=31&mn=sn-h0jeenek&ms=au&mt=1641691444&mv=u&mvi=3&pl=46&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMGT-r4jUK9c-EXeviuijGvhbGFylm12cpdyCgJy4wDfAiAGKXSOScdUQxLcDFZXeXjizdeoKwGNrC05EXuQZibmJw%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Sun, 09 Jan 2022 01:35:55 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F91D 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158804&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158804
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:35:56 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692156100
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
09ef3083413f167d8fba4ce97e6f89301b50b842d15845586fca92c5fae16e6d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:56 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692155809050-428
Expires
Sun, 09 Jan 2022 01:35:56 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692156101
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
ca95c80d3181860227c4f317654979c64c2ef2e6633bdeeccbf69b2d9719b527

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:56 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1317
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692156101&asid=5f8fa1ee713056439365ef64%2C5fb766e909e8a7781132bf27%2C5fed564af85e674fd7743e89%2C5f0d606459839f7d1d016397%2C61bb0d65cc98767fac45f024%2C605424ee9b78ee5fe94060a9&ofpr=%2C3%2C3%2C%2C3%2C1&fpo=%2C%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
c
prebid.a-mo.net/a/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
256
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f4f68890a22c361757cc71dc5e24f15977d7552df62a5a9fbe7602de399ac16c

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:35:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C1BvD-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBO0BT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3MekBGujKygA4jjLrES5F5RI8rsnFlkUjbJu3_DUS0i9hjqA6GBe3LwrvLinwqhwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWxCX6EnMTf8pWMgAoDmAsByAsB0AsPuAwB2BMC0BUBmBYBgBcB&sigh=6Sz2zk1DCt4&label=video_ad_loaded&acvw=&sdkv=h.3.494.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMTg5MTY1NzIzMzIMNTcwNTE3OTc4MjE1QNIBUh0QDyUAACBCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 100C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 10:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398233
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 04 Jan 2023 10:58:43 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 100C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CXEVa-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBOoBT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3NGkdOWh_YSIhpI8iA2Ds8vmSyBLpdGTTx1sVHboobcm6ounbStY9sJJ9YIwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCjlqsEqAgB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0zMzY0MjI3MTMwODc3NDU1gAoDyAsBwhMGGMyWkuQC2BMC0BUBmBYBgBcBshceChwIABIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAY4cBr&sigh=ER0L6mNngz4&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.494.0
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CkMcH-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBOoBT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3NGkdOWh_YSIhpI8iA2Ds8vmSyBLpdGTTx1sVHboobcm6ounbStY9sJJ9YIwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWACgPICwHYEwLQFQGYFgGAFwE&sigh=oFwT394_YfY&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D40007%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3032%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1641692155702&sdkv=h.3.494.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMTg5MTY1NzIzMzIMNTcwNTE3OTc4MjE1QNIBUiAQDyUAACBCKAE6B3Vua25vd25CB3Vua25vd25IlAVQABgB
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrM6SrJkQQS2UlI6UnpocNMyzaM-wEKHqI4F8UeqOeC4fyqkOxwkfuHi5TGQUmgFc55GxAxwrl1_s0GrKO1Lahqcp8E7Ex7e55Pyy8d6tXuCjOMtK02w&sai=AMfl-YRv-cLLjgBW7Ef6ImGW29quWlxAzwa-3-eTfVJJ2uTN7EUiJ-s1JbA8uKKrlEh7yWCEYTB11OP1fuWIElhYzAROeDrku9aRWeLUPQW0aw4qB3AXxMQarzlB9QDt&sig=Cg0ArKJSzFXdqVJb3AV7EAE&cid=CAASF-Ro_6SsZ-K9SddNwHMyIs3LEsmKfdES&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D40007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3033%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1641692155702&avm=1
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CkMcH-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBOoBT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3NGkdOWh_YSIhpI8iA2Ds8vmSyBLpdGTTx1sVHboobcm6ounbStY9sJJ9YIwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWACgPICwHYEwLQFQGYFgGAFwE&sigh=oFwT394_YfY&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D40007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3034%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1641692155702&sdkv=h.3.494.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMTg5MTY1NzIzMzIMNTcwNTE3OTc4MjE1QNIBUiAQDyUAACBCKAE6B3Vua25vd25CB3Vua25vd25IlAVQABgB
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 100C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.494.0&e=44750604%2C44754420&id=ima_html5&c=92599048343321&domain=vnexpress.net
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CkMcH-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBOoBT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3NGkdOWh_YSIhpI8iA2Ds8vmSyBLpdGTTx1sVHboobcm6ounbStY9sJJ9YIwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWACgPICwHYEwLQFQGYFgGAFwE&sigh=oFwT394_YfY&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=admute&ad_mt=0&acvw=sv%3D914%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D40007%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3039%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1641692155702&sdkv=h.3.494.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMTg5MTY1NzIzMzIMNTcwNTE3OTc4MjE1QNIBUiAQDyUAACBCKAE6B3Vua25vd25CB3Vua25vd25IlAVQABgB
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C617aaee6e722602893160f68&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=875f9e23eec7c35ecd495e0cae2905778c116a23&d9=1000&ad=40&vi=100&ofpr=5&imid=1c94aa83371e1b416d7a1cda7e0a292e_1723151148_3388869&e=impression&cb=1641692155006&ad=40&vi=100&d4=3&d5=4&d1=vpaid&fv=3&stk=1&cb=1641692155007
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C617aaee6e722602893160f68&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=875f9e23eec7c35ecd495e0cae2905778c116a23&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=5&imid=1c94aa83371e1b416d7a1cda7e0a292e_1723151148_3388869&e=start&d1=vpaid&fv=3&cb=1641692155007
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 16F4 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Fri, 07 Jan 2022 09:07:41 GMT
expires
Sat, 07 Jan 2023 09:07:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
145695
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame 100C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ky6l4efl&c=788624227306&slotId=394312113653&qqid=CLXJhO7Do_UCFfHuuwgdaWcDew&gqid=-zvaYdmeGIqT7_UPj6egmAQ&fb=ima_html5-lima&sdkv=h.3.494.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.ky6l4efm~vss_tr.e4~ff.ky6l4eyc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4005:813::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692156505&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame FCCA 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692156.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame ED85 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:56 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692156.cds057.am5.hn,1641692156.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame 16F4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 18:05:47 GMT
playback
s.youtube.com/api/stats/ Frame 100C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44750604%2C44754420&el=adunit&cpn=eDNaRUvBEmi5IX3g&docid=kilMgJ3rHUE&ver=2&cmt=0.193&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fvnexpress.net%2F&len=40.008&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=97.0.4692.71&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::64 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
usync.html
ad.lkqd.net/cookie-sync/ Frame 2100 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:35:56 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692156.cds057.am5.hn,1641692156.cds257.am5.c
access-control-allow-origin
*
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame FCCA 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692156678
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:56 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692156.cds233.am5.shn,1641692156.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame FCCA 		0
0
17724
tags.bluekai.com/site/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D&gdpr=0&gdpr_consent=null
  • https://tags.bluekai.com/site/17724?id=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D7b27dcfb-058c-4c35-8768-db351bb...
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/17724?id=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D721%2526userId%253D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%2526gdpr%253D0%2526gdpr_consent%253Dnull
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
HTTP/1.1
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:57 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://tags.bluekai.com/site/17724?id=7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D721%2526userId%253D7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348%2526gdpr%253D0%2526gdpr_consent%253Dnull
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame FCCA 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:56 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692156715002-340
Expires
Sun, 09 Jan 2022 01:35:56 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame FCCA 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692156100&series=575892314681412188&_fw_gdpr_consent=&vav=374cd21b44f95f52f42924bed9de7898&vaviv=0b92780ca05e3c15b6fcd67ecc487964&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:56 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692156687008-380
Expires
Sun, 09 Jan 2022 01:35:56 GMT
cm
p.rfihub.com/ Frame 2100 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:56 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame 2100 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:56 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 2100 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame 2100
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=S3hGWURBeWpsNGc
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJkzSJSkyr5QDJZcsUdcyRA&google_cver=1
43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJkzSJSkyr5QDJZcsUdcyRA&google_cver=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:57 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJkzSJSkyr5QDJZcsUdcyRA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame 2100 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
gen_204
pagead2.googlesyndication.com/pagead/ Frame 16F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.494.0&bgai=BiUJN-zvaYfXfGfHd7_UP6c6N2AcAAAAAOAG6BRMImYiD7sOj9QIVism7CB2PEwhD&bg=!gYKlgsbNAAbDtiZlw7Y7ACkAdvg8Wm3YA4Xi59RuEtOwA-zFbncmLP65WfRjHdsk5BtQvQBOFLMGFgIAAACFUgAAAAtoAQcKAOhvA-Qxs01TMhItJN7XtyCYHb_xXJ29u7rZM2ywpbglUSHHCAkSOQ01jyfOXuQ01r9Cx77vxnwm-2a189bfl4i0DPI2Io8eJW9jM3Dlpiq9JGivrV6yiMQ73K2qHgkGzd0MBYlM2CJ-fmBdDsCpU9aWFhPMWpSYmYniAGlMMCL9YYoXDIuhZ90LX31tOI8ekPFJJBh0hAFrq5R9CLMne0kanW-lsYRZoeRkir3QeTi5MOSK7dOSpJQ3aBok7tmpdw6N_e-2T6be0epusIwa-wm8ZpYTYnbZtWXZTQA4rB_U3-Dh3Ndvvq49mQJPvSWDZsCg4ryjkTooZXMqWhpVoeoIcERo6rt5wkF2f0Uueppyp7PTk9CM-GWAkPLWqbfIsOVrYTmcEV_PYPnpbnhdFfKlu_K6EQ1GbW8up1ZOBAdyMwOzMnmVBpasdpaYTZAPVFsUQOSK-wZmEclrAURt_jnfnabNw8ATbdn3a6pangM9HktGtstYkRdoz4pptfUIH4TpADZW9xH_c5MiWvRZ0qtTei9zLfV9ZAsJKua56VaQ1pc2bav88Tw9m57jWnWw44YwIRyLw0Alyljw1fHZMDn_6i85MoAr9aipAO4_9kl8qtDNY72ygz8-qURRASCn2UJ6VyF8OiWadKw5XQpajEA5e0SsHj9CY9W8RslZlMLieO7W3vBxr_ZxPQaJaazeB-BcMvsZ5pHtcQfEy0RVoC-5DZ90oLkE7Wf1UHUS2IyO8gKhtI0PeT_RX3HpJ9UxR4NKnOyqKuoyLH4yzw4akAYbNQRSeuZs482RxWNGQrAnT8l6ZJ9khNVcZ0B4G3gl7p4X6uSVE4HNktVzMr316_HBRQl5TRF7Ww5hpbWw7JjjnLkoSGq0K266z1jMwHanTia9YS8xjbAms_iMvgO2fgqcEdDr5dISHDOV5_YTLBRbvPaU8h-SvdPNosfZCcoZK1WTluUkesMdiIIIc8aGfvZa0Q27lhYw9-daS8d-mXACv3Je38_KpkVge7qJu5Ys2OxIJsNQVSH18xAXjRBpIwdDdC_X5HRNNaeJib0eaZBcLmr4BHGjErpS_87MUfMwBSItnXT0Mjl_dU7c
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692156101&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:56 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame ED85 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692156101&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e17b9620cde808b7964c624833347c92fe4b7d7f0a190b404eacecd2ea74996f

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:35:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3054
t
t.lkqd.net/ Frame E369 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:57 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:56 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:57 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692156706062-381
Expires
Sun, 09 Jan 2022 01:35:57 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:57 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=530916935&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
75546c88a0cde582d4c8b27382c4c5c705f3ed0138cfe9b49a417debd3fce8c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
927
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:57 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:57 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame E369 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:57 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame E369 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:57 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:35:57 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692157781
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
de9e3bc61dca03d2d599fb9fab709332895f885d7bc16adb63995364a215d163

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:57 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692157776006-407
Expires
Sun, 09 Jan 2022 01:35:57 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692157782
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8bbde2c9b3b023e4d095ff889b5f757e402f9d3c81dff40c001d39233efaf578

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:57 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1316
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692157782&asid=5fed564af85e674fd7743e89%2C5fb766e909e8a7781132bf27%2C5f8fa1ee713056439365ef64%2C605424ee9b78ee5fe94060a9%2C5f0d606459839f7d1d016397%2C61bb0d65cc98767fac45f024&ofpr=3%2C3%2C%2C1%2C%2C3&fpo=%2C%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
01c25c3793ced5938a692c60ab7e3b13ad6e6d1ca02cac87e7db4bf7ba2fe3e3

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:35:57 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:57 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
65
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692157973&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame E0AC 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692158.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame B981 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:58 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692158.cds057.am5.hn,1641692158.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 4718 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:35:58 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692158.cds057.am5.hn,1641692158.cds257.am5.c
access-control-allow-origin
*
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame E0AC 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692158098
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:58 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692158.cds233.am5.shn,1641692158.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame E0AC 		0
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&gdpr=0&gdpr_consent=null
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&gdpr=0&gdpr_consent=null&_cvt=t
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.87e6baabca9c4eb98c08bac186fd6c9f
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=stickyads&bsw_custom_parameter=03515ecb-0b62-45be-ab21-2992b91fc3d6
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=stickyads&bsw_custom_parameter=03515ecb-0b62-45be-ab21-2992b91fc3d6
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=633c3dad-923f-4c0b-8216-954ea67f8f2a&ssp=stickyads&expires=30&user_group=5&bsw_param=03515ecb-0b62-45be-ab21-2992b91fc3d6
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=03515ecb-0b62-45be-ab21-2992b91fc3d6
  • https://a.tribalfusion.com/i.match?p=b25&u=61ca7663dc3a6aa2704f1c13f2de1ad&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D977%26userId%3D%24TF...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=977&userId=18072662314884195622
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156429&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156429%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26pr%3Dhttps%253A%25...
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:04c11832-0234-4b06-b0e1-0860d37a83d9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:04c11832-0234-4b06-b0e1-0860d37a83d9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:500
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:04c11832-0234-4b06-b0e1-0860d37a83d9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 09 Jan 2022 01:36:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:35:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
ads.stickyadstv.com/additional-scripts/ Frame E0AC 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:58 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692157977035-425
Expires
Sun, 09 Jan 2022 01:35:58 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame E0AC 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692157781&series=575892314681412188&_fw_gdpr_consent=&vav=b2503177b2f21bda75c64dbe2b92ee21&vaviv=6edeceee61e2d6572ddc20eaacf3555a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:58 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692158151002-388
Expires
Sun, 09 Jan 2022 01:35:58 GMT
cm
p.rfihub.com/ Frame 4718 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:58 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame 4718 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:58 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 4718 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:58 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame 4718 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
cs
cs.lkqd.net/ Frame 4718
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=934e8c51-3fdc-4778-a224-12fc61739d12
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=934e8c51-3fdc-4778-a224-12fc61739d12
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:58 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=934e8c51-3fdc-4778-a224-12fc61739d12
date
Sun, 09 Jan 2022 01:35:58 GMT
server
_
content-length
0
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692157782&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:58 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame B981 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692157782&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
5a1fb0681e3e66e20cf988a0283c8edc76ef9a6c4383e70c5ae9f013262985a5

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:35:58 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3054
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:58 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame B9BF 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrM6SrJkQQS2UlI6UnpocNMyzaM-wEKHqI4F8UeqOeC4fyqkOxwkfuHi5TGQUmgFc55GxAxwrl1_s0GrKO1Lahqcp8E7Ex7e55Pyy8d6tXuCjOMtK02w&sai=AMfl-YRv-cLLjgBW7Ef6ImGW29quWlxAzwa-3-eTfVJJ2uTN7EUiJ-s1JbA8uKKrlEh7yWCEYTB11OP1fuWIElhYzAROeDrku9aRWeLUPQW0aw4qB3AXxMQarzlB9QDt&sig=Cg0ArKJSzFXdqVJb3AV7EAE&cid=CAASF-Ro_6SsZ-K9SddNwHMyIs3LEsmKfdES&id=lidarv&acvw=sv%3D914%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2020,0,0,0,0%26mtos%3D2020,2020,2020,2020,2020%26amtos%3D0,0,0,0,0%26mcvt%3D2020%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2020%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D423%26pst%3D414%26dur%3D40007%26vmtime%3D1956%26dtos%3D2020%26dtoss%3D1%26dvs%3D2009%26dfvs%3D2009%26dvpt%3D2009%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D5049%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2020&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1641692155702
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:58 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692158151065-388
Expires
Sun, 09 Jan 2022 01:35:58 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:58 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=1056366752&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
1c0b7c950c201ce6261cd9169ab464fa1c8ebdfb6c9881fefa0cfe2fbeeb7d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
928
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C617aaee6e722602893160f68&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=875f9e23eec7c35ecd495e0cae2905778c116a23&d9=1000&ad=40&vi=100&ofpr=5&imid=1c94aa83371e1b416d7a1cda7e0a292e_1723151148_3388869&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1641692155007
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:58 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:58 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame B9BF 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame B9BF 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:58 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
all
csm.eu.criteo.net/ Frame 5C4A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=SXpES0Cnp0MyBTA3fU2MrPfiZCXb8MXQKkbyTqmUndDnelXMKqSZRD64IYxhuH2zS6aIzm3V9IIFOpRazW9hGuaHeLjYQ7xQtMQRO6IaBtnSoBwIxBxSt97ZYrzCvk5NNOb8SzqWHGnjjcJZC2zqrcrfRnYbDTyWU3sGZSWjXLRQao7nxsHYYz0tmbZi985qHyZBzKsXJ0KKygYeKqwsZvRln7qcJy5wkJIFiQ23bTyZ7UGNHM61RLK1OBcV0OALKlAIwg&sds=2&rev=79985.3&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ydo79gAIRDgIu-WJAAAqGkYswC3UEfBaRoZM1Q&u=%7CkHOWYYLup3FeAjh62E9su2kqXL5RIYU2y8EiV9KIE3c%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phphRGrjKTP5gPwAHTAkWxYC9ZMrxDgu2Eeh2k_E76NSBQbsmbqZXFg7sU5qgpgiWrPXPhfjvxNvjpJYi5uLtpHyGBJZ6XK4FtTErlaAsX4hHHVzARoHpN8ZwGaJmntzzmYGljqSVdEzjSHiyhaIxiS46Oqstss_xbQtEH0S9mOpiw2nIPIBJuC6-srRIvos7NTbruSUZNHLpWEsUQHj3_Plnf8HdubyRVjxPk--LWdlroUPH9K5oAauejjoXQaIF32HUFq4EMwjCTZoNRw8y77cRH-kwBF1ECXi8ADOV_wXso4IdZiyOcEx9rE5w0PLV-dMMeF7-46tZvXOU5AKmQJn6Kx-MWf35isI_XoG3PZ7YhlcaS-zmuqIL2jp-mSk7AFnTTZ99ihJG42eT3uq9GKg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDO_49jvaYbiIIYnL7_UPmtSAoAHkj9KxXI-K6IiIAcCNtwEQASAAYLu-nIPQCoIBF2NhLXB1Yi0xNDgxMDE5NzU0MTg0OTU1oAG91IjrA8gBCakCLvmiMb7Mtj7gAgCoAwGqBOcBT9DOQTjEUNSSKTGwUrbiH58U7CLiVRLj0qfkXq4V4xgFxcSKVTmbyQrQWxmQGfnSl7khTmGsW2hFcPmryPkBT3lkd35oqyrUA5gES67Yi3dfTDCQP3IYpkqDQ7Kr3HBhZigT6z7VfYuYe_WBvEvzuEduxNY_xLk3OlQAaT3YZKnG63qwsrDIPh5HHwyhonS7lWUC8WvTjF_xI65fhTzhIJzVNuXJ5VoodFhmHT0yFTIiHGnUBBSogsvLSyJ69lvmwNeiHpJoVoxRV1qGnxxNuvOwrOZpyuDWv2pENWWq-HPiSUlB6fAA4AQBgAb144ujwYL2i4MBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07mr9rY20Nx_WNqh7zYbUf7AnARg%26client%3Dca-pub-1481019754184955%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:35:57 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:35:59 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692159178
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
82c75f40eae18bcba65263b5576c697ba6e63a8ab24f69b0ba5703d507970f6e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:59 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692159042030-341
Expires
Sun, 09 Jan 2022 01:35:59 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692159178
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
5231df573b6180c6bda33b20b3f58fdaed9fc3ddde42b68fbea502813924311e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:59 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1315
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692159178&asid=5fed564af85e674fd7743e89%2C5fb766e909e8a7781132bf27%2C5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397%2C605424ee9b78ee5fe94060a9%2C61bb0d65cc98767fac45f024&ofpr=3%2C3%2C%2C%2C1%2C3&fpo=%2C%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
c
prebid.a-mo.net/a/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
65
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7ae8954123d9fb8b10fff939ab42d89f6cfcfa4d91d5278d2f2c0a4cc21c7ebe

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:35:59 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C617aaee6e722602893160f68&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=875f9e23eec7c35ecd495e0cae2905778c116a23&d9=1000&ad=40&vi=100&ofpr=5&imid=1c94aa83371e1b416d7a1cda7e0a292e_1723151148_3388869&e=sec3&vi=100&d1=vpaid&fv=3&cb=1641692155007
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692159369&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 3F47 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692159.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame 5348 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:35:59 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692159.cds057.am5.hn,1641692159.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 3F47 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692159470
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:59 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692159.cds233.am5.shn,1641692159.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame 3F47 		0
0
freewheel
um.simpli.fi/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://freewheel.adhaven.com/bid-engine/cs/b714c175b3fe12d9388dfc1431d76197/v1?rd=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1217%26userId%3D%24UID&gdpr=0&gdpr_consent...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1217&userId=4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50
  • https://umfw.adscience.nl/sync/freewheel&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1265&userId=E2lXbXSF9Y5tLx7bXzXVTQ--
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156429&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156429%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26pr%3Dhttps%253A%25...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2225192029448763184
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156429&mpc=4&fp=1&pmc=1&pr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D642%26userId%3D7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
  • https://ads.stickyadstv.com/user-registering?dataProviderId=642&userId=7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
  • https://um.simpli.fi/freewheel?
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel?
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 08 Jan 2022 01:36:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://um.simpli.fi/freewheel?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1641692160201073-417
Expires
Sun, 09 Jan 2022 01:36:00 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 3F47 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:59 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692159361029-366
Expires
Sun, 09 Jan 2022 01:35:59 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 3F47 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692159178&series=575892314681412188&_fw_gdpr_consent=&vav=61c9406badfc628393dec49c40891716&vaviv=c30170a69641f32de17b74df4d2f3220&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:59 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692159264035-414
Expires
Sun, 09 Jan 2022 01:35:59 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame C5E2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:35:59 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692159.cds057.am5.hn,1641692159.cds257.am5.c
access-control-allow-origin
*
cm
p.rfihub.com/ Frame C5E2 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:35:59 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame C5E2 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:35:59 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame C5E2 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame C5E2 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
cs
cs.lkqd.net/ Frame C5E2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=ZLwamts6fBZc&ev=1&pid=561322
43 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=ZLwamts6fBZc&ev=1&pid=561322
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=ZLwamts6fBZc&ev=1&pid=561322
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6cff57fdbc-5bbwp
expires
-1
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692159178&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:59 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 5348 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692159178&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
bfb12cb73b76780859e79f58371b0d3d4a7c9c353c0436441d10654a9487c325

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:35:59 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3052
t
t.lkqd.net/ Frame 8932 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:59 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
t
t.lkqd.net/ Frame 8932 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:35:59 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:00 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692159891015-365
Expires
Sun, 09 Jan 2022 01:36:00 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:59 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=1018068254&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
88b1de7483b7fba6d3cc34dbc55a4ba7a3ea55455a084d6d3fe58d9a278fc1ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
928
expires
0
dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D7369,0,0,0,0%26mtos%3...
ade.googlesyndication.com/ddm/activity/ Frame 75DA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D7369,0,0,0,0%26mtos%3D7369,7369,7369,7369,7369%26amtos%3D0,0,0,0,0%26mcvt%3D7369%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7529%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D1%26dur%3D30293%26vmtime%3D7536%26dtos%3D5342%26dtoss%3D2%26dvs%3D5342%26dfvs%3D5342%26dvpt%3D5342%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7369,7369,7369,7369,7369%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7369;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1641692152466;ecn1=1;etm1=0;eid1=960584;
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 75DA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHLtC9jvaYbeIIYnL7_UPmtSAoAGIwsnTZ7uU3_n4DqGvjMiuJxABIMfHnyNgu76cg9AKoAHQtvqqAcgBBagDAcgDmwSqBN8BT9Ad_INpEk7u0V2WD5ry-nlRbNa5nd0YXdtzUo4_BYQf_inJBOof2FKKDLRyj8DO64Ytn1f9rUU2f4Q3tOd5ixJtSMSwG7YErJFBECvJl5RLjRKF_dXNov8Dkp66qLPMRlOSBk-dGoIiV03hgUcmyp-VgppYzSdu6QuRxjgYF7ed2Dsu0LpgibQRyCZnfjiDfJAsBqg20xdpY1bnVa1M4lVGnH_OzBM_WCltM4q1KUNZDKpb9RJ3MAYpDAlV5pVm-tfcXau5quJ8_n-EodW9-r_aEIkgDXxM2NTw9AQkksAErt7xnNwD4AQDkAYBoAZOgAeYyYXVAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATuZHnDdATANgTA4gUSdgUAdAVAYAXAQ&sigh=XA8VBGFDUBU&label=videoplaytime25&ad_mt=7536&acvw=sv%3D20211103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D7369,0,0,0,0%26mtos%3D7369,7369,7369,7369,7369%26amtos%3D0,0,0,0,0%26mcvt%3D7369%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7529%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D45%26pst%3D1%26dur%3D30293%26vmtime%3D7536%26dtos%3D5342%26dtoss%3D2%26dvs%3D5342%26dfvs%3D5342%26dvpt%3D5342%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7369,7369,7369,7369,7369%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D255%26psv%3D254%26psfv%3D254%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,7369&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1641692152466
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:00 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:00 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 8932 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 8932 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:36:00 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692160607
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3074e909866cebf1d993a0bef11d8bf46af2d5fca8bec5884a8e5701e8a61e8e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:00 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692160481029-392
Expires
Sun, 09 Jan 2022 01:36:00 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692160607
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
466c1205ae1844ff70df5b0464f4211b3822ac1801de8c8b6bfa78acc1f651c1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1318
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692160607&asid=5fb766e909e8a7781132bf27%2C5fed564af85e674fd7743e89%2C5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397%2C605424ee9b78ee5fe94060a9%2C61bb0d65cc98767fac45f024&ofpr=3%2C3%2C%2C%2C1%2C3&fpo=%2C%2C%2C%2C%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c025074bddc666be823515d4a8b2c506dc7141583475bda961294bad93e61188

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:35:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
71
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692160804&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame EC73 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692160.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame 8961 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692160.cds057.am5.hn,1641692160.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 88ED 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:36:00 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692160.cds057.am5.hn,1641692160.cds257.am5.c
access-control-allow-origin
*
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame EC73 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692160921
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:00 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692160.cds233.am5.shn,1641692160.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame EC73 		0
0
freewheel
um.simpli.fi/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Requested by
Host: vnexpress.net
URL: https://vnexpress.net/
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 08 Jan 2022 01:36:01 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1641692160714038-352
Expires
Sun, 09 Jan 2022 01:36:00 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame EC73 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:00 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692160699048-427
Expires
Sun, 09 Jan 2022 01:36:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame EC73 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692160607&series=575892314681412188&_fw_gdpr_consent=&vav=26eb6b6b44ff808f8fc3c98c7c39b0af&vaviv=6e8f6e06b15d70c7a85b6e693e88ebaa&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:01 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692160494083-410
Expires
Sun, 09 Jan 2022 01:36:01 GMT
cm
p.rfihub.com/ Frame 88ED 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:01 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame 88ED 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:01 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 88ED 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:01 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame 88ED 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
cs
cs.lkqd.net/ Frame 88ED
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Ydo7_QAEL6xxdQAm
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Ydo7_QAEL6xxdQAm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:01 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641692161.015849,VS0,VE0
x-served-by
cache-hhn4080-HHN
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Ydo7_QAEL6xxdQAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ad
v.lkqd.net/ Frame 8961 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692160607&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
03f6337a092d2c6b8b1ce8bbbcb01feafac5b68d7f3a563c46ee491f301a0f37

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:36:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3053
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692160607&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:01 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:01 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 2C0C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=63695605483-uh3lvelqpb59s1tn5qh59ovbcuhfa54v.apps.googleusercontent.com&as=No%2BrFe6KfdDxZnmGPUZR2g
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.fxvjQx0JT_k.O/am=4iI/d=1/rs=AF0KOtUCngnykR-SPm5-NrWeb-JZpa_olA/m=gis_client_library
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf781a882f3348667f8fe59cc360e3860f30d0a601499936251c416dcbbef1bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HFlvkcVuCEXb3SdJR3kj6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/cspreport
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-HFlvkcVuCEXb3SdJR3kj6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA-PCuo6IIBZUvejh9Mb6PO8pMMQAxMlQyr76JGMw7rTAT0yYhwBZ6MiyezOIw"
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010405&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e0b586a1e0d50a2e85c7e2940785f302ec685e266b3d341ea9c1c54b8a120b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 01:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8677
x-xss-protection
0
syncframe
gum.criteo.com/ Frame A3D3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=vnexpress.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.116.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2150
date
Sun, 09 Jan 2022 01:36:01 GMT
content-length
4161
strict-transport-security
max-age=31536000; preload;
jquery.3.2.1.min.js
s.vnecdn.net/vnexpress/restruct/j/v575/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.65.251.2 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
mx1.gatemail.vn
Software
/
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
2377casthcfpdd10bf7c7468e873e79ba2ad249
date
Sun, 09 Jan 2022 01:36:01 GMT
content-encoding
gzip
last-modified
Tue, 26 Nov 2019 07:22:26 GMT
etag
W/"5ddcd2b2-15283"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31622400
access-control-allow-credentials
true
expires
Tue, 10 Jan 2023 01:36:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010405.js?31063978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jan 2022 01:36:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7CB9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sat, 08 Jan 2022 23:05:15 GMT
expires
Sun, 08 Jan 2023 23:05:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame ADD2 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3723cec52f31b28d21f8576054b9ba4c2b2428a32276eefc57037a980a96bd72
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jYoZlxSG73lHH5JZ/fq71A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 09 Jan 2022 01:36:01 GMT
date
Sun, 09 Jan 2022 01:36:01 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-jYoZlxSG73lHH5JZ/fq71A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sid
mug.criteo.com/ Frame A3D3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=vnexpress.net&sn=ChromeSyncframe&so=0&topUrl=vnexpress.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ETVEhXxnR2ZOMnZzZ3VFOWpYOEVZMnpDdmhPTTgzdGxtc0lYQXd4TnJuWkMyNXhZRWZ3a1dBTGFvM0hmZHFEcy9xRGgvN1VyRkJCK05ZdmMzMGphOTREUFMzN0VyNThKWG1kSmNRL2ZJVi9QU3Z3bjVETWR2L3pjWkVCd2...
430 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ETVEhXxnR2ZOMnZzZ3VFOWpYOEVZMnpDdmhPTTgzdGxtc0lYQXd4TnJuWkMyNXhZRWZ3a1dBTGFvM0hmZHFEcy9xRGgvN1VyRkJCK05ZdmMzMGphOTREUFMzN0VyNThKWG1kSmNRL2ZJVi9QU3Z3bjVETWR2L3pjWkVCd2drYk1nRjRyQUVuQWVEclRoWi9UdlplU2c5Zytac2RCNlJ3NjQybVdrN0h5ZVBQVk1SSzFqY1EwWUt5RkxpZHNZN0x4RVBoWHdPTEQrd0J6L253Z1c2QWZzV21LS1RXQWs2NTNtNUp1Zk81ZERZQktRdUJJaVJyby9GMTFFNXUrWFByclJSbjVRbnpYYWhDTzNrSmlqMVVJbXZNYks1dz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
379e934eb46b13d5a436e987c13c580a8d98197df846519277372c0d3d4a864f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3134
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:00 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=ETVEhXxnR2ZOMnZzZ3VFOWpYOEVZMnpDdmhPTTgzdGxtc0lYQXd4TnJuWkMyNXhZRWZ3a1dBTGFvM0hmZHFEcy9xRGgvN1VyRkJCK05ZdmMzMGphOTREUFMzN0VyNThKWG1kSmNRL2ZJVi9QU3Z3bjVETWR2L3pjWkVCd2drYk1nRjRyQUVuQWVEclRoWi9UdlplU2c5Zytac2RCNlJ3NjQybVdrN0h5ZVBQVk1SSzFqY1EwWUt5RkxpZHNZN0x4RVBoWHdPTEQrd0J6L253Z1c2QWZzV21LS1RXQWs2NTNtNUp1Zk81ZERZQktRdUJJaVJyby9GMTFFNXUrWFByclJSbjVRbnpYYWhDTzNrSmlqMVVJbXZNYks1dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1956
content-length
541
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame ADD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010405&jk=1481193655214018&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CkMcH-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBOoBT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3NGkdOWh_YSIhpI8iA2Ds8vmSyBLpdGTTx1sVHboobcm6ounbStY9sJJ9YIwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWACgPICwHYEwLQFQGYFgGAFwE&sigh=oFwT394_YfY&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=video_skip_shown&ad_mt=5213&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26tos%3D5268,0,0,0,0%26mtos%3D5268,5268,5268,5268,5268%26amtos%3D0,0,0,0,0%26mcvt%3D5268%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5268%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1229%26pst%3D414%26dur%3D40007%26vmtime%3D5213%26is%3D275%26i0%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5268,5268,5268,5268,5268%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D30%26emuc%3D0%26emb%3D30,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D8296%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5268%26ss0%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1641692155702&sdkv=h.3.494.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMTg5MTY1NzIzMzIMNTcwNTE3OTc4MjE1QNIBUiAQDyUAACBCKAE6B3Vua25vd25CB3Vua25vd25IlAVQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
pagead2.googlesyndication.com/bg/ Frame 7CB9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Jan 2023 18:05:47 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:01 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692161140089-421
Expires
Sun, 09 Jan 2022 01:36:01 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:01 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=242878938&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
0c2a8b1d54a7f735594e13c87f20792f8c66ae341ac5c110c5448ddee5d1b6d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
926
expires
0
t
t.lkqd.net/ Frame 2C0C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:01 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
generate_204
tpc.googlesyndication.com/ Frame 7CB9 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:01 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:01 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 2C0C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 2C0C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:01 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010405&jk=1481193655214018&bg=!dnWldTHNAAbDtiZlw7Y7ACkAdvg8Wpt4Z3RtlYUs5bLU11yCRPnQgS7WCmtdU56l0Alvk3CBpMKTdwIAAABiUgAAAApoAQcKAAYSbukMMsGZAnJPGCt3tZ4IReC8IjeooWujr8JQJG0jsaZvsvv-l9rRjyXTAqB49b-Gbwc8FtYKkoJUeMGd-oUI58JTUn5l-04qMJ96hWKr6cfAchoCe2gUl2Dc_IiQSHEvAx8RpCMpGe97sGSvdLHNy9EF2LsGh_FMfaNE4tR2RACxOXzQBvN9rnsTQkh1X6amIdkHZtbpt4cl1nMekqJb1HDOGnbHfZkaCdj9zVSthnMQQG1EMh5lp-9ni1HERSvtGoaP-hTp3mN6t3XTB45zdLux56o3-Vd3hJhSaAUGADMu4mLZDRNao1vDIkr88zbVMz-06PJSJ89aJlqg93Py7u-433NQ7FUQrIAfQ16xP1b1NDUNOX438-lVBFtCUDH938zQxBN8QvQkF1jFrYIQo7tAREuPApleCmQxTsvzbdcrdHIFejx2jbELRLMOI7jR09MHaRpOzWmkL61GCsz2XKzjFUg-z8fhiKJUjObbg6vHVxndjaIuX1wZdz8JFlO8OICJ0ft3vIOlk3MU4kvipaZue4ZxcBfMCTI1jZqi1bKq-2scKOmJW-C1BxzQQd0zFIwPXXuEksgHPAqfTc2lRWhPYcLxpwhvDCrFGG7HVMgvPL8bvVNd2GaO9rQ2bMyuZ4Lz1uo_0NezP98D-iTr-31o19r7sCBlPZ9zTZBU3NKcq_MGZLRR5vXVTIoonHcdZvGg0dgOu9I3RW0M-jmtQIUmXyLlLcDberB-LG_-94eWjGvGnPb9dbs6aCf1K-4O8Lhz_WOWY0Juu-lxXmJNW_Vcmte95o43As1rdto2U2rbuoVsCumyIs_IpPF-mvFq_MNoZ4l2eJG9tA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bad.js
core.polyad.net/ 		272 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://core.polyad.net/bad.js
Requested by
Host: s.vnecdn.net
URL: https://s.vnecdn.net/vnexpress/restruct/j/v575/jquery.3.2.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.248.229 Ho Chi Minh City, Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
cache_polyad_hcm_249_10 /
Resource Hash
edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-proxy
1377casthnfpdd10bf7c7468e873e79ba2ad242
date
Sun, 09 Jan 2022 01:36:03 GMT
content-encoding
gzip
last-modified
Thu, 14 Nov 2019 09:38:26 GMT
server
cache_polyad_hcm_249_10
etag
W/"72c42544cf9ad51:b5e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
x-status
HIT
expires
Mon, 10 Jan 2022 01:36:03 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:36:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C617aaee6e722602893160f68&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=875f9e23eec7c35ecd495e0cae2905778c116a23&d9=1000&ad=40&vi=100&ofpr=5&imid=1c94aa83371e1b416d7a1cda7e0a292e_1723151148_3388869&e=sec10&vi=100&d1=vpaid&fv=3&cb=1641692155007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 100C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CkMcH-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBOoBT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3NGkdOWh_YSIhpI8iA2Ds8vmSyBLpdGTTx1sVHboobcm6ounbStY9sJJ9YIwASXhorn8wPgBAGgBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWACgPICwHYEwLQFQGYFgGAFwE&sigh=oFwT394_YfY&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=videoplaytime25&ad_mt=10214&acvw=sv%3D914%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D10268,0,0,0,0%26mtos%3D10268,10268,10268,10268,10268%26amtos%3D0,0,0,0,0%26mcvt%3D10268%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10268%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2231%26pst%3D414%26dur%3D40007%26vmtime%3D10213%26dtos%3D8248%26dtoss%3D2%26dvs%3D8248%26dfvs%3D8248%26dvpt%3D8248%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D10268,10268,10268,10268,10268%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D13297%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10268&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1641692155702&sdkv=h.3.494.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUyMTg5MTY1NzIzMzIMNTcwNTE3OTc4MjE1QNIBUiAQDyUAACBCKAE6B3Vua25vd25CB3Vua25vd25IlAVQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aclk
www.googleadservices.com/pagead/ Frame 100C
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=C1BvD-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBO0BT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=C53bY-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBO0BT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C53bY-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBO0BT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3MekBGujKygA4jjLrES5F5RI8rsnFlkUjbJu3_DUS0i9hjqA6GBe3LwrvLinwqhwASXhorn8wPgBAHABW6gBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWaCRlodHRwczovL3Zpb2xpZmVmb29kcy5jb20vsQl-hJzE3_KVjIAKA5gLAcgLAdALD7gMAdgTAtAVAZgWAYAXAQ&num=1&client=ca-pub-4083612996934505&ctype=110&label=video_10s_engaged_view&ad_mt=10214&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,1600%26tos%3D10270,0,0,0,0%26mtos%3D10270,10270,10270,10270,10270%26amtos%3D0,0,0,0,0%26mtos1%3D10268,0,0%26mcvt%3D10270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10270%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2233%26pst%3D414%26dur%3D40007%26vmtime%3D10213%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2,2,2,2,2%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D13299%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10270%26ss0%3D0.04%26ss1%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1641692155702&cid=CAQSKQCNIrLMuDPT6x42Ah5o0B_oj0fXJnD26m5aGkASXJx-BkIG9-BtflGG&dblrd=1&val=ChAyMmFiYzRlODE4Y2QwMGRkEPb36I4GGgiJQ4aiEbaRNCABKAE&sig=AOD64_3BiH-QObbJOxrfVq9EumpYVtj3bQ&adurl=https://violifefoods.com/%3Futm_source%3Dyoutube%26utm_medium%3Dpaid%26utm_campaign%3Dcyc-40secvideo
Protocol
H2
Server
172.217.16.130 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:06 GMT
x-content-type-options
nosniff
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=C53bY-zvaYfXfGfHd7_UP6c6N2AfZtbXDZ5HsqpmYD7CQHxABIJmLvS9gu76cg9AKoAHMlpLkAsgBBakCLvmiMb7Mtj7gAgCoAwGYBACqBO0BT9DP-e13XLaMXAaJXFrTvTNEG7rKcFFD-rv4O-X6RMhf6x-4_crKPJLR0l2lrjjEjp2Ox70PiRzOjFOgaqNGt9ORCa2M9skACT-1gkEA5e2crKaCTkpQ0ga_Y8fBxVdhF04zVNjn_i4SWth7DT_8SuC_YfXmgdTfZwkbHE3nvO31kXTX6Y6i9bwEy_XuYnnjz7OmzfTnkPjLDEzDHqFwGbv4VBK4-fg14_oujC9xbkDu9KN5h91eINkhopl_g3MekBGujKygA4jjLrES5F5RI8rsnFlkUjbJu3_DUS0i9hjqA6GBe3LwrvLinwqhwASXhorn8wPgBAHABW6gBlSAB5zp7ZsBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMzNjQyMjcxMzA4Nzc0NTWaCRlodHRwczovL3Zpb2xpZmVmb29kcy5jb20vsQl-hJzE3_KVjIAKA5gLAcgLAdALD7gMAdgTAtAVAZgWAYAXAQ&num=1&client=ca-pub-4083612996934505&ctype=110&label=video_10s_engaged_view&ad_mt=10214&acvw=sv%3D914%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D975,1200,1200,1600%26p1%3D975,1200,1200,1600%26tos%3D10270,0,0,0,0%26mtos%3D10270,10270,10270,10270,10270%26amtos%3D0,0,0,0,0%26mtos1%3D10268,0,0%26mcvt%3D10270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10270%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2233%26pst%3D414%26dur%3D40007%26vmtime%3D10213%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D2,2,2,2,2%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D398%26femvt%3D0%26emc%3D54%26emuc%3D0%26emb%3D54,0,0,0,0%26avms%3Dexc%26qi%3D976240591%26psm%3D-2147481601%26psv%3D-2147481601%26psfv%3D-2147481601%26psa%3D0%26ptlt%3D13299%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10270%26ss0%3D0.04%26ss1%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1641692155702&cid=CAQSKQCNIrLMuDPT6x42Ah5o0B_oj0fXJnD26m5aGkASXJx-BkIG9-BtflGG&dblrd=1&val=ChAyMmFiYzRlODE4Y2QwMGRkEPb36I4GGgiJQ4aiEbaRNCABKAE&sig=AOD64_3BiH-QObbJOxrfVq9EumpYVtj3bQ&adurl=https://violifefoods.com/%3Futm_source%3Dyoutube%26utm_medium%3Dpaid%26utm_campaign%3Dcyc-40secvideo
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
s.youtube.com/api/stats/ Frame 100C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.214&rtn=20.000&ns=yt&fexp=44750604%2C44754420&el=adunit&cpn=eDNaRUvBEmi5IX3g&docid=kilMgJ3rHUE&ver=2&cmt=10.214&fmt=18&rt=10.000&adformat=2_2_1&euri=https%3A%2F%2Fvnexpress.net%2F&len=40.008&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=97.0.4692.71&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::64 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=36046&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.95&cb=35561173564&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5d81ecbe28a0617fd145654a%7C617aaee6e722602893160f68&pid=5d81ec9228a0610a0033fe67%7C59918a0e073ef4782e4e347f&cid=5d81ed7928a06164620898f0%7C5d81ec9a28a061267a37a9bf&h=875f9e23eec7c35ecd495e0cae2905778c116a23&d9=1000&ad=40&vi=100&ofpr=5&imid=1c94aa83371e1b416d7a1cda7e0a292e_1723151148_3388869&e=firstQuartile&ad=40&vi=100&d1=vpaid&fv=3&stk=1&cb=1641692155007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692167281
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0ba149f219cf9ff7e18d3b325711ff531179683e7d27604de4da294f1a8cf5c7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:07 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692167198015-344
Expires
Sun, 09 Jan 2022 01:36:07 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692167281
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6d784f9717f65a94d63447a1e7274df10dc0e3e31563355c2a65b202527232e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:07 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1316
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692167281&asid=5f8fa1ee713056439365ef64%2C5fb766e909e8a7781132bf27%2C5fed564af85e674fd7743e89%2C61bb0d65cc98767fac45f024%2C605424ee9b78ee5fe94060a9%2C5f0d606459839f7d1d016397&ofpr=%2C3%2C3%2C3%2C1%2C&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:07 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
642c8ffa9bf64300db57a5174b2af2cf9a61a43a8240e775b4964437ca445e50

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:36:07 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
93
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:36:07 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:07 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D14902,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 75DA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D14902,0,0,0,0%26mtos%3D14902,14902,14902,14902,14902%26amtos%3D0,0,0,0,0%26mcvt%3D14902%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15062%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D51%26pst%3D1%26dur%3D30293%26vmtime%3D15073%26dtos%3D7533%26dtoss%3D3%26dvs%3D7533%26dfvs%3D7533%26dvpt%3D7533%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7533,7533,7533,7533,7533%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D65535%26psv%3D65534%26psfv%3D65534%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,14902;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1641692152466;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 75DA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHLtC9jvaYbeIIYnL7_UPmtSAoAGIwsnTZ7uU3_n4DqGvjMiuJxABIMfHnyNgu76cg9AKoAHQtvqqAcgBBagDAcgDmwSqBN8BT9Ad_INpEk7u0V2WD5ry-nlRbNa5nd0YXdtzUo4_BYQf_inJBOof2FKKDLRyj8DO64Ytn1f9rUU2f4Q3tOd5ixJtSMSwG7YErJFBECvJl5RLjRKF_dXNov8Dkp66qLPMRlOSBk-dGoIiV03hgUcmyp-VgppYzSdu6QuRxjgYF7ed2Dsu0LpgibQRyCZnfjiDfJAsBqg20xdpY1bnVa1M4lVGnH_OzBM_WCltM4q1KUNZDKpb9RJ3MAYpDAlV5pVm-tfcXau5quJ8_n-EodW9-r_aEIkgDXxM2NTw9AQkksAErt7xnNwD4AQDkAYBoAZOgAeYyYXVAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATuZHnDdATANgTA4gUSdgUAdAVAYAXAQ&sigh=XA8VBGFDUBU&label=videoplaytime50&ad_mt=15074&acvw=sv%3D20211103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D14902,0,0,0,0%26mtos%3D14902,14902,14902,14902,14902%26amtos%3D0,0,0,0,0%26mcvt%3D14902%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15062%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D51%26pst%3D1%26dur%3D30293%26vmtime%3D15073%26dtos%3D7533%26dtoss%3D3%26dvs%3D7533%26dfvs%3D7533%26dvpt%3D7533%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7533,7533,7533,7533,7533%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D65535%26psv%3D65534%26psfv%3D65534%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,14902&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1641692152466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692167653&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame EC30 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692167.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame 1FA8 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:07 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692167.cds057.am5.hn,1641692167.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame EC30 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692167754
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:07 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692167.cds233.am5.shn,1641692167.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
auto-user-sync
ads.stickyadstv.com/ Frame EC30 		0
0
freewheel
um.simpli.fi/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 08 Jan 2022 01:36:07 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:07 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1641692167673033-341
Expires
Sun, 09 Jan 2022 01:36:07 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame EC30 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:07 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692167354085-348
Expires
Sun, 09 Jan 2022 01:36:07 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame EC30 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692167281&series=575892314681412188&_fw_gdpr_consent=&vav=acfe7580a2514b9b510d1772257ed921&vaviv=a2e1fb0f98f009e4e4b050ed5550b63b&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:07 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692167733023-363
Expires
Sun, 09 Jan 2022 01:36:07 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame DB16 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:36:07 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692167.cds057.am5.hn,1641692167.cds257.am5.c
access-control-allow-origin
*
cm
p.rfihub.com/ Frame DB16 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:08 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame DB16 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:08 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame DB16 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:07 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame DB16 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
loadm.exelator.com/load/ Frame DB16
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&g...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:09 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
ad
v.lkqd.net/ Frame 1FA8 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692167281&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6d8c41224ea4b28da2a3ef57a06babc47399499da909fd3e4836438daba03938

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:36:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3052
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692167281&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:08 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 68B9 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:08 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692168208035-371
Expires
Sun, 09 Jan 2022 01:36:08 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:08 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=914490388&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
c36e119978f2d615ab449c7d16381c76f7236738d1a091408ec3e4f87617dada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
927
expires
0
t
t.lkqd.net/ Frame 68B9 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:08 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 68B9 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 68B9 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:36:09 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692169038
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
422bbb63dc62f98cb3c5592b4d68391751eb886296bff80bd279400db421c2a6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:09 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692168675080-408
Expires
Sun, 09 Jan 2022 01:36:09 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692169038
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
013166993ddc7f823b1d76aac410c99dd2595d87308053dd23cd934910dd19f4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1319
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692169038&asid=5f8fa1ee713056439365ef64%2C5fed564af85e674fd7743e89%2C5fb766e909e8a7781132bf27%2C605424ee9b78ee5fe94060a9%2C61bb0d65cc98767fac45f024%2C5f0d606459839f7d1d016397&ofpr=%2C3%2C3%2C1%2C3%2C&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5eed32e4eeeeca25b2ab80e769cb305b92c48082015aafc0f15fbdbfaea1ce14

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
c
prebid.a-mo.net/a/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:08 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
81
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692169247&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 2BB0 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692169.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame 6856 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692169.cds057.am5.hn,1641692169.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 2BB0 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692169349
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:09 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692169.cds233.am5.shn,1641692169.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
freewheel
um.simpli.fi/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 08 Jan 2022 01:36:09 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:09 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1641692168883091-398
Expires
Sun, 09 Jan 2022 01:36:09 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 2BB0 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:09 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692169037061-366
Expires
Sun, 09 Jan 2022 01:36:09 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 2BB0 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692169038&series=575892314681412188&_fw_gdpr_consent=&vav=df6cfa4e50dd348f8d73cc13ca2c53fb&vaviv=0821a5d8e3c2f09c764931587fb40a63&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:09 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692168911091-392
Expires
Sun, 09 Jan 2022 01:36:09 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 5310 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692169.cds057.am5.hn,1641692169.cds257.am5.c
access-control-allow-origin
*
cm
p.rfihub.com/ Frame 5310 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:09 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame 5310 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:09 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 5310 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:09 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame 5310 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
loadm.exelator.com/load/ Frame 5310
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:10 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:10 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:36:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ad
v.lkqd.net/ Frame 6856 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692169038&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
7c321a9139179e98a8545127582864cfd8828d402fc0ed51aeb743f024ad64f0

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:36:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3054
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692169038&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:09 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame AA3B 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:09 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:09 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692169885011-361
Expires
Sun, 09 Jan 2022 01:36:09 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:09 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=990432396&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
5e81b17c55c9cfb05b562d73431f0832b2d96a4845ecfee7099a5236c63c2a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
925
expires
0
t
t.lkqd.net/ Frame AA3B 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:10 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:10 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:10 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame AA3B 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame AA3B 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:36:10 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692170533
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0ff7df407f729aee92fa7e834d8bc6506a925f72bbc9879427c76c90ed085b70

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:10 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692170665047-416
Expires
Sun, 09 Jan 2022 01:36:10 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692170533
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
be7a22cea78af05f06b9b9533e397f23a0853c15d74591df9c53a88171bfabab

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:10 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1316
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692170534&asid=5f8fa1ee713056439365ef64%2C5fed564af85e674fd7743e89%2C5fb766e909e8a7781132bf27%2C605424ee9b78ee5fe94060a9%2C5f0d606459839f7d1d016397%2C61bb0d65cc98767fac45f024&ofpr=%2C3%2C3%2C1%2C%2C3&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
c
prebid.a-mo.net/a/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
277
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:10 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:10 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
92e3bca3ca1e9e013c6a192d139664dc2536ccd22600cc99e42632c8726854d8

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:36:10 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692170946&asid=5f0d606459839f7d1d016397%2C5f8fa1ee713056439365ef64&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 33DA 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692170.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame 2A9A 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:10 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692170.cds057.am5.hn,1641692170.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 33DA 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692171045
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:11 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692171.cds233.am5.shn,1641692171.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
freewheel
um.simpli.fi/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 08 Jan 2022 01:36:11 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:11 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1641692170884044-363
Expires
Sun, 09 Jan 2022 01:36:11 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 33DA 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:11 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692170678082-370
Expires
Sun, 09 Jan 2022 01:36:11 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 33DA 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692170533&series=575892314681412188&_fw_gdpr_consent=&vav=84311bd49f90d5e39f7e0ce377b77208&vaviv=b85c8c266c3dc81fbb00017c6b0f8ddc&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:11 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692170910040-378
Expires
Sun, 09 Jan 2022 01:36:11 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame B64D 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:36:11 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692171.cds057.am5.hn,1641692171.cds257.am5.c
access-control-allow-origin
*
cm
p.rfihub.com/ Frame B64D 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:11 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame B64D 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:11 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame B64D 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:11 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame B64D 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
loadm.exelator.com/load/ Frame B64D
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:11 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
ad
v.lkqd.net/ Frame 2A9A 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692170533&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
9a0c928280cd64d6142a774255558cce48908f6b1ff7ddd6cd856ab5ee5453c9

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:36:11 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3049
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692170533&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:11 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame A743 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:11 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:11 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:11 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692171010099-365
Expires
Sun, 09 Jan 2022 01:36:11 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:11 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=76041967&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
33b5594ae14a65751a8c4775e98e7b2a72896cff5b7782f55aa2e56152a780fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
925
expires
0
t
t.lkqd.net/ Frame A743 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:11 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:11 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:11 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:11 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame A743 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:11 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame A743 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:11 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:36:12 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692172128
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f2fc95534dd01bed2f9f6e50f804809a996b4a2da23d253bcdf0a812f50afbf3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:12 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692172123010-373
Expires
Sun, 09 Jan 2022 01:36:12 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692172129
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d341b5440a49bc56d6cf5539553b52c40348fc0a6604080d5d542f8ecdfcc020

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:12 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1319
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692172129&asid=5f8fa1ee713056439365ef64%2C5fed564af85e674fd7743e89%2C5fb766e909e8a7781132bf27%2C5f0d606459839f7d1d016397%2C605424ee9b78ee5fe94060a9%2C61bb0d65cc98767fac45f024&ofpr=%2C3%2C3%2C%2C1%2C3&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hb
ssc.33across.com/api/v1/ 		65 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0484b45a990c2dbfacd2cea8256a4fc48f0193c41d1889badeee7a98f3f5d34c

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:36:12 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:12 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
c
prebid.a-mo.net/a/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:11 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
181
vary
origin, Accept-Encoding
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692172436&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame A7BE 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692172.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame A203 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:12 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692172.cds057.am5.hn,1641692172.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame A7BE 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692172549
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:12 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692172.cds233.am5.shn,1641692172.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
freewheel
um.simpli.fi/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 08 Jan 2022 01:36:12 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1641692172555014-409
Expires
Sun, 09 Jan 2022 01:36:12 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame A7BE 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:12 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692172469027-359
Expires
Sun, 09 Jan 2022 01:36:12 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A7BE 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692172128&series=575892314681412188&_fw_gdpr_consent=&vav=7dd2032a7b5162c2becf094ae793714d&vaviv=af4d9ae0ccdb6e07fb07784ad45617be&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:12 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692172479027-376
Expires
Sun, 09 Jan 2022 01:36:12 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 05ED 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:36:12 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692172.cds057.am5.hn,1641692172.cds257.am5.c
access-control-allow-origin
*
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:36:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cm
p.rfihub.com/ Frame 05ED 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:12 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame 05ED 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:12 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 05ED 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:12 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame 05ED 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
loadm.exelator.com/load/ Frame 05ED
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:13 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:13 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
ad
v.lkqd.net/ Frame A203 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692172129&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a4d3bc308e21c549703742e61546501ded1f57e3de7ef8a23314bc2d2cfc5f2f

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:36:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3357
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692172129&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:12 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 1F9E 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:12 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:13 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692173184012-537
Expires
Sun, 09 Jan 2022 01:36:13 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:13 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=272552303&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
888215dc0ea744795a8fc73cbbd26e044e85f9728197473632948df95d73077d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
926
expires
0
t
t.lkqd.net/ Frame 1F9E 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:13 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:13 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:13 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 1F9E 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 1F9E 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:36:13 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692173899
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
381e09f0842b2d487bd60cb27e50a68a9aac51a21892cd66b0d960302c6b7a07

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:13 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692173505080-357
Expires
Sun, 09 Jan 2022 01:36:13 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692173899
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
14abf807c0638a3ad9d1940fd44c2fcbd4545f37bfefa85656b90a1d4b020054

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:13 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1319
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692173900&asid=5f8fa1ee713056439365ef64%2C5fb766e909e8a7781132bf27%2C5fed564af85e674fd7743e89%2C61bb0d65cc98767fac45f024%2C5f0d606459839f7d1d016397%2C605424ee9b78ee5fe94060a9&ofpr=%2C3%2C3%2C3%2C%2C1&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:13 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
c
prebid.a-mo.net/a/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:13 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
80
vary
origin, Accept-Encoding
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ad06ecbf1abdfe2b431660fddaa5bd00d25e61dd4bbac2e002a5fc361dec2e57

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:36:13 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:13 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692174105&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 759D 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692174.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame 24EB 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:14 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692174.cds057.am5.hn,1641692174.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 759D 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1641692174210
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:14 GMT
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop143.am5.t,1641692174.cds233.am5.shn,1641692174.cds233.am5.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
freewheel
um.simpli.fi/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 08 Jan 2022 01:36:14 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://um.simpli.fi/freewheel?gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1641692174239006-567
Expires
Sun, 09 Jan 2022 01:36:14 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 759D 		59 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=12472193&loc=https%3A%2F%2Fvnexpress.net%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:14 GMT
Server
nginx
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
59
x-sticky-vk
1641692173868082-425
Expires
Sun, 09 Jan 2022 01:36:14 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 759D 		67 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12472193&_fw_gdpr=0&cbb=1692173899&series=575892314681412188&_fw_gdpr_consent=&vav=baf0c21e7c9d693e76b105064f1eef89&vaviv=7ba1fbe8596273e218f6094bbbdf6548&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.2.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fvnexpress.net%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692173842086-424
Expires
Sun, 09 Jan 2022 01:36:14 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 55CF 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/

Response headers

date
Sun, 09 Jan 2022 01:36:14 GMT
content-encoding
gzip
content-length
1909
content-type
text/html
last-modified
Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges
bytes
etag
"10c6626c1705141142b0302e29b3bd0e"
cache-control
public, max-age=1209600
x-hw
1641692174.cds057.am5.hn,1641692174.cds257.am5.c
access-control-allow-origin
*
cm
p.rfihub.com/ Frame 55CF 		42 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:14 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
lkq
match.prod.bidr.io/cookie-sync/ Frame 55CF 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/lkq
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:14 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 55CF 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncLKQD
rtb.adentifi.com/ Frame 55CF 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.119.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-119-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
loadm.exelator.com/load/ Frame 55CF
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:14 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=7f9d6ada-3b39-4cdc-a8eb-8c85118c6b61&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
ad
v.lkqd.net/ Frame 24EB 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692173899&rtv=1&thost=vnexpress.net
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
b1fe65eda5dc748c910b2e6a3d369fd145dc8e7d0595a694010167d2fb8cfb4a

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 09 Jan 2022 01:36:14 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3054
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692173899&rtv=1&thost=vnexpress.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:14 GMT
content-length
0
access-control-allow-origin
https://vnexpress.net
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 0AD7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:14 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11959793&_fw_gdpr=1&_fw_gdpr_consent=&schain=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1641692174272080-344
Expires
Sun, 09 Jan 2022 01:36:14 GMT
advast
ice.360yield.com/ 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22330991&w=400&h=300&minduration={MINDURATION}&maxduration={MAXDURATION}&player_width=400&player_height=225&referrer=https%3A%2F%2Fvnexpress.net%2F&vast_version={VAST_VERSION}&vpaid_version={VPAID_VERSION}&video_format_type={VIDEO_TYPE}
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.243.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:14 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo
ads.adaptv.advertising.com/a/h/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/a/h/Zs6+3FbyyXAoHdY5SLNQKtekMCtNsXOo?cb=1381829527&gdpr=1&gdpr_consent=&us_privacy=[US_PRIVACY]&pet=preroll&pageUrl=https%3A%2F%2Fvnexpress.net%2F&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.100.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-100-237.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
4c8947dc95e28db09c5f5d750b61a108eb970c66ac251d9e46cd5760a16f22a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://vnexpress.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
927
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:14 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 0AD7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:14 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 09 Jan 2022 01:36:14 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://vnexpress.net
t
t.lkqd.net/ Frame 0AD7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 0AD7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.52 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D22423,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 75DA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpued7MOj9QIVWEUbCh0Rdw3xEAAYACDR3pJNQhMIt9va68Oj9QIVieW7CB0aKgAU;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D22423,0,0,0,0%26mtos%3D22423,22423,22423,22423,22423%26amtos%3D0,0,0,0,0%26mcvt%3D22423%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D22583%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D54%26pst%3D1%26dur%3D30293%26vmtime%3D22599%26dtos%3D7521%26dtoss%3D4%26dvs%3D7521%26dfvs%3D7521%26dvpt%3D7521%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7521,7521,7521,7521,7521%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D8388607%26psv%3D8388606%26psfv%3D8388606%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,22423;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1641692152466;ecn1=1;etm1=0;eid1=960585;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 75DA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHLtC9jvaYbeIIYnL7_UPmtSAoAGIwsnTZ7uU3_n4DqGvjMiuJxABIMfHnyNgu76cg9AKoAHQtvqqAcgBBagDAcgDmwSqBN8BT9Ad_INpEk7u0V2WD5ry-nlRbNa5nd0YXdtzUo4_BYQf_inJBOof2FKKDLRyj8DO64Ytn1f9rUU2f4Q3tOd5ixJtSMSwG7YErJFBECvJl5RLjRKF_dXNov8Dkp66qLPMRlOSBk-dGoIiV03hgUcmyp-VgppYzSdu6QuRxjgYF7ed2Dsu0LpgibQRyCZnfjiDfJAsBqg20xdpY1bnVa1M4lVGnH_OzBM_WCltM4q1KUNZDKpb9RJ3MAYpDAlV5pVm-tfcXau5quJ8_n-EodW9-r_aEIkgDXxM2NTw9AQkksAErt7xnNwD4AQDkAYBoAZOgAeYyYXVAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATuZHnDdATANgTA4gUSdgUAdAVAYAXAQ&sigh=XA8VBGFDUBU&label=videoplaytime75&ad_mt=22599&acvw=sv%3D20211103%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,253,264,709%26tos%3D22423,0,0,0,0%26mtos%3D22423,22423,22423,22423,22423%26amtos%3D0,0,0,0,0%26mcvt%3D22423%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D22583%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D54%26pst%3D1%26dur%3D30293%26vmtime%3D22599%26dtos%3D7521%26dtoss%3D4%26dvs%3D7521%26dfvs%3D7521%26dvpt%3D7521%26is%3D275%26i0%3D18%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D7521,7521,7521,7521,7521%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D531702911%26psm%3D8388607%26psv%3D8388606%26psfv%3D8388606%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,22423&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1641692152466
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:800::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Jan 2022 01:36:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Jan 2022 01:36:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://vnexpress.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Sun, 09 Jan 2022 01:36:15 GMT
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
content-length
0
12472193
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/12472193?series=575892314681412188&_fw_gdpr=0&_fw_gdpr_consent=&cbb=1692175319
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5918b6de06fe4ee2ba12ce924249ccbad37afcdb471b8a0515e1b344c52e3f1a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Jan 2022 01:36:15 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://vnexpress.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1142
x-sticky-vk
1641692175273009-578
Expires
Sun, 09 Jan 2022 01:36:15 GMT
ad
v.lkqd.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=377&sid=1123724&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=100&width=400&height=225&dnt=0&gdpr=1&gdprcs=&us_privacy=[US_PRIVACY]&pageurl=https%3A%2F%2Fvnexpress.net%2F&contentid=&contenttitle=&contentlength=&contenturl=&rnd=575892314681412189&cbb=1692175319
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
fa745905743145fa9d894e05f9054deaa5c092d8d339bcc1f91dc5f729935438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:15 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://vnexpress.net
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1322
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=request&cb=1641692175319&asid=5fb766e909e8a7781132bf27%2C5f8fa1ee713056439365ef64%2C5fed564af85e674fd7743e89%2C5f0d606459839f7d1d016397%2C61bb0d65cc98767fac45f024%2C605424ee9b78ee5fe94060a9&ofpr=3%2C%2C3%2C%2C3%2C1&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cPJapwk1ur64knaKlId8sQ
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9719f43ea6ec9dadb759ad3366f87b6530b21babe4701d1ff8287866d9ba95c7

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Jan 2022 01:36:15 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vnexpress.net
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
c
prebid.a-mo.net/a/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
date
Sun, 09 Jan 2022 01:36:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
61
vary
origin, Accept-Encoding
mvo
tag.1rx.io/rmp/211377/0/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:15 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vnexpress.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://vnexpress.net
pragma
no-cache
date
Sun, 09 Jan 2022 01:36:15 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
track
track1.aniview.com/ 		0
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 3F4B 		278 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 01:36:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 15:35:13 GMT
ETag
"1641396913"
X-HW
1641692153.dop130.am5.t,1641692153.cds134.am5.shn,1641692153.dop130.am5.t,1641692175.cds152.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116210
vpaid.js
ad.lkqd.net/vpaid/ Frame AAFC 		177 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://vnexpress.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 01:36:15 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1641692175.cds057.am5.hn,1641692175.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s1.vnecdn.net
URL
https://s1.vnecdn.net/vnexpress/restruct/j/v1274/eclick/ea3.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
s.eclick.vn
URL
https://s.eclick.vn/delivery/eclick.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/tag/js/gpt.js
Domain
s.eclick.vn
URL
https://s.eclick.vn/delivery/dfp/dfpbrand.js
Domain
s.eclick.vn
URL
https://s.eclick.vn/delivery/dfp/prebid.js
Domain
s.eclick.vn
URL
https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Domain
s1cdn.vnecdn.net
URL
https://s1cdn.vnecdn.net/vnexpress/restruct/j/v2778/v3/production/blocks/site/1000000.js
Domain
logperf.vnexpress.net
URL
https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1641692100000&timecookie=&timeclient=1641717347000
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
vop.sundaysky.com
URL
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?YgZqbQ
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
track1.aniview.com
URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=26395&t=1641692152&cip=82.199.130.40&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1641692152008-988194208614-007202-009-006442&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.95&cb=57589231468&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=61b84e5ed1591577585f0169&ncid=61b84a10800d7c569640ec55&pasid=61b84a5513e05a37ed3fd484&e=bid&cb=1641692175504&asid=5f8fa1ee713056439365ef64%2C5f0d606459839f7d1d016397&ofpr=%2C&fpo=%2C

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| onsecuritypolicyviolation object| onslotchange boolean| supportLS object| tsFolderApply number| tsFolder function| swapZone function| swapGetStorage function| swapSetStorage function| swapGetRead object| tsID object| tsIDCommerce object| tsIDCommerceID object| ts object| tsClone boolean| swapAction object| readed boolean| editorPositionChange object| editorPositionPrev boolean| readedInTS undefined| r function| shuffleZone undefined| h undefined| tsReaded undefined| tsNew undefined| k undefined| postionReaded string| c number| p object| v object| articleData number| stt string| articePicture number| sttSelector object| apiWorker object| apiWorkerCached undefined| _itmSource undefined| o function| appendTracking function| trackingLogoHome number| site_id number| SITE_ID number| PAGE_FOLDER number| PAGE_DETAIL number| parser_autoplay number| PageHot number| topic_id_selected object| DATA_FOOTBALL object| d_gat string| _siteId number| blockAdsTop string| uservar_token string| uservar_fosp_aid boolean| _noGTM object| dataLayer string| GoogleAnalyticsObject function| ga function| addScripts string| cacheTimeUpdate boolean| isValidateCachePage string| cookieName function| getCookie function| setCookie function| unixTimeWithTimeZone function| validateCachePage function| runScripts function| insertScript object| cacheData string| myvne_js boolean| dontSupportES string| lazyPrefix string| lazyKey object| registryArea number| inter_version string| ZONE_BRANDSAFE string| interactions_url string| base_url string| css_url string| js_url string| flash_url string| img_url string| js_url_vne string| css_url_vne string| img_url_vne string| flash_url_vne number| device_env string| eid_authen_url number| ZONE_ADS boolean| isResizedPhoto number| site_id_ads string| list_folder_show_pvtt number| cacheVersion string| revisionJS function| fetchCat object| googletag object| pbjs object| Criteo object| googTagCode string| fallback string| ua boolean| isBot string| revisionCSS number| ES6 function| loadFontsFromStorage function| loadFontsAsynchronously function| fetchSVG function| loadCSS function| guFont object| list_box_gt object| google_tag_manager object| google_tag_data object| _eaq object| cdpFpt object| gaplugins object| gaGlobal object| gaData function| goToSurveyBanIV object| scriptFooterArr function| scriptFooterIS boolean| lazyReady object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| google_optimize boolean| isScriptLoaded object| catConfig object| categoryCustom object| menuCustom object| lazyLoadCondition object| lazyLoadInstance string| log_url boolean| isHome number| cycle object| Video function| videoSuggestionProcess function| videoVODLog2 function| videoVODLog function| errorVODLog function| getCurrentMode function| getBrowser function| pDate function| createDiv function| addPreloadLink function| preloadNexFragment function| checkBuffer function| preloadNexFragmentCallBack function| fadeInVolume function| fbAsyncInit object| isMobile object| enDic object| viDic object| selectDic function| AdObject function| parseAdsParameters function| convertTimeFormat function| moAdSlot function| getStorage function| setStorage function| validateXML function| Hls object| retryFetch function| SimpleScrollbar object| $jscomp object| CmtWidget function| Zepto function| $ function| Html5HlsJS object| hlsTypeRE object| hlsExtRE object| HlsSourceHandler function| videojs function| html5Tech function| fadeVolume object| vttjs function| WebVTT function| $jscomp$lookupPolyfilledValue object| sparkline object| data function| covid function| byDay function| getTimeCovidByArticle function| getNews function| shuffle_array function| formatNumber function| getMobileOperatingSystem function| csvToArray function| importScript function| importStyle object| el string| defaultDomain object| myDate number| cookieValue undefined| _script boolean| isMyVne boolean| isIone object| myvne_users function| MyvneCallback function| closeMess undefined| google_measure_js_timing object| b object| a string| la_pageview_id object| JSON2 number| adblock object| cookieMatch object| _paq object| _logAdp object| PiwikNew function| piwik_log function| callback_ea object| FospAnalyticsNew object| _logEgg function| ufo8 object| foptTarget object| optTarget function| Swiper object| timerPageview string| fosp_location_zone object| adsbyeclick function| pbjsChunk object| _pbjsGlobals object| prebidConfig string| f string| tagCode string| pb object| f_opt number| page_folder function| googleDisplay function| mobilecheck object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_23306 object| JSON3 function| setImmediate function| clearImmediate function| normalize object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_116 object| Criteo_prebid_116 object| ampInaboxIframes object| ampInaboxPendingMessages object| aniplayerPos function| avPlayer object| storageAni string| code object| iframe object| innerDoc object| THREE string| __THREE__ function| UAParser function| DeviceModelParser object| lkqd object| mobile_blocked_mfs function| lkqd_http_response number| google_global_correlator object| closure_lm_496355 object| GoogleGcLKhOms object| google_image_requests undefined| jQuery function| $321 number| browser_not_block_ads

162 Cookies

Domain/Path Name / Value
.vnexpress.net/ Name: device_env
Value: 4
.vnexpress.net/ Name: sw_version
Value: 1
vnexpress.net/ Name: _efr
Value: 1641692100000
.vnexpress.net/ Name: _gid
Value: GA1.2.1499767020.1641692148
.vnexpress.net/ Name: _ga_DQJ7NF9DN2
Value: GS1.1.1641692147.1.0.1641692147.60
.vnexpress.net/ Name: _ga_57577CKS2C
Value: GS1.1.1641692147.1.0.1641692147.60
.vnexpress.net/ Name: _ga
Value: GA1.2.1608223899.1641692148
.vnexpress.net/ Name: _dc_gtm_UA-50285069-28
Value: 1
.vnexpress.net/ Name: login_system
Value: 1
.vnexpress.net/ Name: fosp_aid
Value: 0c4k3lhxtzag0cpl.1641692148.des
.vnexpress.net/ Name: orig_aid
Value: 0c4k3lhxtzag0cpl.1641692148.des
.vnexpress.net/ Name: _pk_cvar
Value: %7B%224%22%3A%5B%22fosp_aid%22%2C%22null%22%5D%2C%225%22%3A%5B%22CPMS_LOG%22%2C%22null%22%5D%2C%227%22%3A%5B%22fosp_aid_bk%22%2C%220c4k3lhxtzag0cpl.1641692148.des%22%5D%7D
.vnexpress.net/ Name: _pk_id
Value: f86e4c8d78d892fd.1641692149.1.1641692149.1641692149.
.vnexpress.net/ Name: _pk_ses
Value: *
.vnexpress.net/ Name: display_cpd
Value: 7
.adnxs.com/ Name: icu
Value: ChgIpu9fEAoYASABKAEw9ffojgY4AUABSAEQ9ffojgYYAA..
.adnxs.com/ Name: uuid2
Value: 2225192029448763184
.adp.vnecdn.net/ Name: fosp_aid
Value: 0c4k3lhxtzag0cpl.1641692148.des
.adp.vnecdn.net/ Name: orig_aid
Value: 0c4k3lhxtzag0cpl.1641692148.des
.spotxchange.com/ Name: audience
Value: 79b8897c-70ec-11ec-a818-1a7cb9e30406
.vnexpress.net/ Name: fosp_loc
Value: 32126-0-GB
.vnexpress.net/ Name: fpt_uuid
Value: %226d2ec573-3fdc-44d6-9a22-e69d85ff7d5f%22
.vnexpress.net/ Name: ajs_group_id
Value: null
.octopus-stream01-cads.fpt.vn/ Name: cdp_uuid
Value: 6d2ec573-3fdc-44d6-9a22-e69d85ff7d5f
usi-saas.vnexpress.net/ Name: usi.saas
Value: s%3Ar19JXVn4SPEI_JwQHgqz6kaJsm_OpTZ-.4Cm5V8dhBEm1%2BC1p%2BREvuWF8nKXNWtJtEqnI%2B%2Br8afs
la2.vnecdn.net/ Name: fosp_aid
Value: 0c4k3lhxtzag0cpl.1641692148.des
la2.vnecdn.net/ Name: orig_aid
Value: 0c4k3lhxtzag0cpl.1641692148.des
.vnexpress.net/ Name: _gat
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmEMAPXNwZqAH6TZd4CusCuSB7QIbxJQxumLAcCLtVOwbuhstDBUDSnwW6Nn8s
.vnexpress.net/ Name: __gads
Value: ID=c7019873f4976685:T=1641692150:S=ALNI_MbCasTC_0F0l5CMagDPAamm_VLlQg
.urekamedia.com/ Name: OptUID
Value: 13164169215156
.casalemedia.com/ Name: CMID
Value: Ydo797Dx1-GXImrEnafbeQAA
.casalemedia.com/ Name: CMPS
Value: 1836
.casalemedia.com/ Name: CMPRO
Value: 1863
.aniview.com/ Name: aniC
Value: 1641692152008-988194208614-007202-009-006442
.quantserve.com/ Name: mc
Value: 61da3bf8-2e8c2-291a1-a5483
.casalemedia.com/ Name: CMST
Value: Ydo792HaO-gA
ads.stickyadstv.com/ Name: UID
Value: 61ca7663dc3a6aa2704f1c13f2de1ad
ads.stickyadstv.com/ Name: sessionId
Value: ad1ff023e0ae609c2d3b7ff7932c530
.casalemedia.com/ Name: CMRUM3
Value: f161da3bf705a0&2761da3bf70b40&5161da3bf82760GWFJahwySzMCYkgzTGIAORZhTDoCMRg_F2OIsiUr&2d61da3bf705a0&c361da3bf82760av-e9561d67-7ec5-46d5-9885-b70ca8d64246&9c61da3bf705a00&be61da3bf705a0&e661da3bf72760
.doubleclick.net/ Name: DSID
Value: NO_DATA
.aniview.com/ Name: 2_C_55
Value: 2225192029448763184
sync.aniview.com/ Name: 2_C_55
Value: 2225192029448763184
.turn.com/ Name: uid
Value: 8107759937123472539
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
.pubmatic.com/ Name: DPSync3
Value: 1641772800%3A174%7C1642896000%3A201_197_219
.fwmrm.net/ Name: _uid
Value: "pc029_7051014107235484574"
.lkqd.net/ Name: sr55
Value: 1||1641692153
.lkqd.net/ Name: lkqdidts
Value: 1641692153
.lkqd.net/ Name: sr103
Value: 1||1641692153
.lkqd.net/ Name: sr94
Value: 1|8107759937123472539|1641692153
.lkqd.net/ Name: sr99
Value: 1||1641692153
.lkqd.net/ Name: lkqdid
Value: KxFYDAyjl4g
ads.stickyadstv.com/ Name: uid-bp-36033
Value: pc029_7051014107235484574
ads.stickyadstv.com/ Name: MRM_UID
Value: pc029_7051014107235484574
.adsrvr.org/ Name: TDID
Value: e264eca7-474f-4729-b4ee-b407bfbc0deb
.quantserve.com/ Name: d
Value: EMMBEgGUJfijC_vLEA
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEFuM1Fec93WOAtYiBRs7wi0
.simpli.fi/ Name: suid
Value: 77A94120BA4C4337AA97436241578F55
.mathtag.com/ Name: uuid
Value: e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5
.adfarm1.adition.com/ Name: UserID1
Value: 7051014107245574290
c.deployads.com/ Name: d7s_dc
Value: 44NXSTC7SLg1syEHksu
.yahoo.com/ Name: A3
Value: d=AQABBPk72mECEF_bDzZ-7u028qABgHRKEPwFEgEBAQGN22HkYQAAAAAA_eMAAA&S=AQAAAhKASwZHDD0jkbWFw9EgCgU
.de17a.com/ Name: guid2
Value: 1.8290923107004405806
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj-oa-JzcapOhAFGAEgASgCMgsInt23t-PGqToQBTgBWglzdGlja3lhZHNgAg..
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: 03515ecb-0b62-45be-ab21-2992b91fc3d6
.bidswitch.net/ Name: c
Value: 1641692153
.onaudience.com/ Name: cookie
Value: 082b7913a3f00cfc
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923--WXGEPw2xEniZsdJrGaPQ_Zlw0DiNZdF92fHjRQT&KRTB&19420--WXGEPw2xEniZsdJrGaPQ_Zlw0DiNZdF92fHjRQT&KRTB&22979--WXGEPw2xEniZsdJrGaPQ_Zlw0DiNZdF92fHjRQT
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2225192029448763184&KRTB&23339-2225192029448763184
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKbq4YTNKmQIx2ljB7p1wM0&KRTB&16514-CAESEKbq4YTNKmQIx2ljB7p1wM0&KRTB&23025-CAESEKbq4YTNKmQIx2ljB7p1wM0
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~22k1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ydo7_QAEL6xxdQAm
.bidr.io/ Name: bito
Value: AB-oM07DtHgAAD_Q9Q76GQ
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.stickyadstv.com/ Name: uid-bp-892
Value: e264eca7-474f-4729-b4ee-b407bfbc0deb
.adform.net/ Name: uid
Value: 3034309312447776064
.bidswitch.net/ Name: tuuid_lu
Value: 1641692154
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7051014107245574290
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8107759937123472539
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e264eca7-474f-4729-b4ee-b407bfbc0deb&KRTB&22918-e264eca7-474f-4729-b4ee-b407bfbc0deb&KRTB&23031-e264eca7-474f-4729-b4ee-b407bfbc0deb
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&KRTB&16736-uid:e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&KRTB&23019-uid:e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5&KRTB&23208-uid:e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5
.sitescout.com/ Name: ssi
Value: 7b27dcfb-058c-4c35-8768-db351bb5962a#1641692154044
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8290923107004405806
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3963778990808868709&KRTB&23263-3963778990808868709
vnexpress.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Ydo7_QAEL6xxdQAm&KRTB&22978-Ydo7_QAEL6xxdQAm&KRTB&23194-Ydo7_QAEL6xxdQAm&KRTB&23209-Ydo7_QAEL6xxdQAm
event.clientgear.com/ Name: mkuuid
Value: mk88405a62-5149-48c8-891f-3e818a5e289d
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-BETq7HJE2oNPx_5kqr0gSGYPlUjVpi5PPdHovkY6~A
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348
.exelator.com/ Name: EE
Value: "62e567d12a34a6a0abb9b379135747e4"
.krushmedia.com/ Name: krm_usr
Value: 7de7a766-2c60-4e06-bde7-59125d4c36af
.krushmedia.com/ Name: krm_r
Value: 57
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHMKNXUzDzF0CjR2CTRLNEgMSnJMsnY3NLQ2NTcxDzVZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvoiF9fFRSlpDItKik8F75ezBQBdICkj"
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-03515ecb-0b62-45be-ab21-2992b91fc3d6
ads.stickyadstv.com/ Name: uid-bp-951
Value: 2225192029448763184
.lkqd.net/ Name: sr102
Value: 1|7de7a766-2c60-4e06-bde7-59125d4c36af|1641692154
ads.stickyadstv.com/ Name: uid-bp-529
Value: e4ed61da-3bf9-4b00-bcfc-6624da7d3ad5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-adabe81d-4d01-43a7-42c2-405d77f87ebb.%2BU7NAmliSd2pJYzlNIKNdaz4VCi7OC9Qk4m6f3EVHE4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-adabe81d-4d01-43a7-42c2-405d77f87ebb%24ip%2482.199.130.40.vSk0GXrSSuILyu3rvkWsCedkfeVlPZWm59GxLmSUGvc
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ravoHU0BQ6dCwkBdd_h-u1LHgig
.pubmatic.com/ Name: PugT
Value: 1641689258
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2In6wTh@3!]tbP6j2F-XstGt!@E)W%$3KC
.w55c.net/ Name: wfivefivec
Value: 7zzDz4mE1N6n7I5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: 7zzDz4mE1N6n7I5
.tapad.com/ Name: TapAd_TS
Value: 1641692154922
.tapad.com/ Name: TapAd_DID
Value: 473cdf79-833a-4c12-a48f-00095d38a10f
ads.stickyadstv.com/ Name: uid-bp-617
Value: 3034309312447776064
.lkqd.net/ Name: sr85
Value: 1||1641692155
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AB-oM07DtHgAAD_Q9Q76GQ
ads.stickyadstv.com/ Name: uid-bp-45
Value: Ydo7_QAEL6xxdQAm
.adhaven.com/ Name: uid
Value: 4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50
.lkqd.net/ Name: sr93
Value: 1|ravoHU0BQ6dCwkBdd_h-u1LHgig|1641692155
.lkqd.net/ Name: sr90
Value: 1|4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50|1641692155
ads.stickyadstv.com/ Name: uid-bp-171
Value: 8107759937123472539
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjIwtLAwsLA0sLQ0tzA1NTI3NxTiM9SNinCpyPBwTUwvdjUGAEYIuPolAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjIwtLAwsLA0sLQ0tzA1NTI3NxTiM9SNinCpyPBwTUwvdjWW4jU0MzE0szQyNDU1N7cEAJs-roI0AAAA
.ipredictive.com/ Name: cu
Value: 7d73659b-70ec-11ec-a4fc-35d6da22ce9f|1641692156095
ads.stickyadstv.com/ Name: uid-bp-25746
Value: 7d73659b-70ec-11ec-a4fc-35d6da22ce9f
.adotmob.com/ Name: uid
Value: 072a220403ce1ede416ef737
.adotmob.com/ Name: uuid
Value: 072a220403ce1ede416ef737
.adotmob.com/ Name: partners
Value: STI%3A1641692156451
ads.stickyadstv.com/ Name: uid-bp-1501
Value: 072a220403ce1ede416ef737
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0MTY5MjE1NDA5MiwiMyI6MTY0MTY5MjE1NjgxNywiNCI6MTY0MTY5MjE1NjYxMywiNTkiOjE2NDE2OTIxNTY4MTcsIjM5IjoxNjQxNjkyMTU2NjEzLCI3IjoxNjQxNjkyMTU2ODE3fQ
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
ads.stickyadstv.com/ Name: uid-bp-25522
Value: 7b27dcfb-058c-4c35-8768-db351bb5962a-61da3bfa-4348
ads.stickyadstv.com/ Name: uid-bp-27649
Value: 6db289a0e58423eeae52318b086eeccc
.lkqd.net/ Name: sr59
Value: 1|CAESEJkzSJSkyr5QDJZcsUdcyRA|1641692157
ads.stickyadstv.com/ Name: uid-bp-33281
Value: pc029_7051014107235484574
.sundaysky.com/ Name: sskyCreationTime
Value: 1641692158272
.sundaysky.com/ Name: sskyu
Value: d6.87e6baabca9c4eb98c08bac186fd6c9f
.sundaysky.com/ Name: sskya
Value: "e2Z3Ont0czoiMzU2NzN5Iix0OiJuaSJ9fQ=="
.lkqd.net/ Name: sr54
Value: 1|934e8c51-3fdc-4778-a224-12fc61739d12|1641692158
ads.stickyadstv.com/ Name: uid-bp-23521
Value: d6.87e6baabca9c4eb98c08bac186fd6c9f
.creative-serving.com/ Name: tuuid
Value: 633c3dad-923f-4c0b-8216-954ea67f8f2a
.creative-serving.com/ Name: c
Value: 1641692158
.creative-serving.com/ Name: tuuid_lu
Value: 1641692158
ads.stickyadstv.com/ Name: uid-bp-838
Value: 03515ecb-0b62-45be-ab21-2992b91fc3d6
.tribalfusion.com/ Name: ANON_ID
Value: aFnufrrZcAQ8BqEr73uduo5BtihKuyZc7ZaABpVZceiUkZaxy5B0OuqhWhUPdGVbPOjHLK1OhIOZdb3N223MOZdTSmYD0JGMXPsZcGnHgCmdUp6e
ads.stickyadstv.com/ Name: uid-bp-31665
Value: 18072662314884195622
.pubmatic.com/ Name: pi
Value: 156429:3
ads.stickyadstv.com/ Name: uid-bp-36433
Value: 4c_20bcf30a-91d5-45d0-addd-d20aba5e5f50
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 92370508e11c6f58
.adscience.nl/ Name: viewer
Value: 1641692160-36867002
.adscience.nl/ Name: fw_ts
Value: 1641692160
.lkqd.net/ Name: sr53
Value: 1|ZLwamts6fBZc|1641692160
ads.stickyadstv.com/ Name: uid-bp-37825
Value: E2lXbXSF9Y5tLx7bXzXVTQ--
.pubmatic.com/ Name: SyncRTB3
Value: 1642896000%3A220_7_8_166_233_81_161_56_55_22_204_71_21_3_13_54%7C1642291200%3A223_15_2%7C1642550400%3A63%7C1644278400%3A203%7C1642982400%3A35
ads.playground.xyz/ Name: connect.sid
Value: s%3ASPxbUEWbN9ktuyMB0wfpmvKDf497k0Zw.d91PUIp0I%2F870fNl8meB2nZjwx0cQnN%2BHzzqpu3muCE
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: SPugT
Value: 1641692159
ads.stickyadstv.com/ Name: uid-bp-24418
Value: 7DF37F8B-AFF2-40D1-A711-7DBC666DBC80
prebid.a-mo.net/ Name: __amc
Value: 6_1641692152_1641692160
.lkqd.net/ Name: sr52
Value: 1|Ydo7_QAEL6xxdQAm|1641692161
.adsby.bidtheatre.com/ Name: __kuid
Value: 04c11832-0234-4b06-b0e1-0860d37a83d9.410906161
.criteo.com/ Name: uid
Value: 81e9d4e8-1d3b-44e6-a48a-3712edde5b48
ads.stickyadstv.com/ Name: pxId
Value: 1753
.vnexpress.net/ Name: cto_bundle
Value: aiFIwV9zZXVUQTVKQUpPaFBmTyUyQkRxc0swcHZEbDAyNDlnRDBlMSUyQkhBeFJNRXBtNzRBZzZmNldjWm1iZjBjekY5WnNZb3BURHRybGxCTzlCbjFDR1clMkZLZTJBd001YjhlNko4UG5zU1BSckNPckZCZWtXODRKRXp0SjlyalVib3Vwc1pPJTJGeWpRZFhzajFUJTJCUFdCemJkUHpmWGpnJTNEJTNE

8 Console Messages

Source Level URL
Text
other warning URL: https://vnexpress.net/
Message:
Failed to decode downloaded font: data:application/font-woff2,
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://idsync.rlcdn.com/464986.gif?partner_uid=XUaOyOgmZWs
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662314884195622
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

163bfa7d4d36d5bce1dd8681ddfe867d.safeframe.googlesyndication.com
24f368ee55be02fd0a6e9b86a36b4619.safeframe.googlesyndication.com
5wify31.gaku23.info
970bb371e797f506c00881496b4bb0e1.safeframe.googlesyndication.com
a.tribalfusion.com
a5270.casalemedia.com
accounts.google.com
acdn.adnxs.com
ad.lkqd.net
ad.turn.com
ade.googlesyndication.com
adp.vnecdn.net
ads.adaptv.advertising.com
ads.creative-serving.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.co.uk
adservice.google.com
adservice.google.de
analytics.google.com
bd.urekamedia.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bttrack.com
c.deployads.com
c1.adform.net
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdn.stickyadstv.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
core.polyad.net
cpm.unibots.in
cs.krushmedia.com
cs.lkqd.net
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
d.turn.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
freewheel.adhaven.com
g.eclick.vn
gcdn.2mdn.net
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
gw.vnexpress.net
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
is.vnecdn.net
js-sec.indexww.com
la.vnecdn.net
la2.vnecdn.net
loada.exelator.com
loadm.exelator.com
logperf.vnexpress.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
nep.advangelists.com
nxd.adhaven.com
octopus-stream01-cads.fpt.vn
optimize.urekamedia.com
p.rfihub.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r4---sn-h0jeln7l.c.2mdn.net
rr3---sn-h0jeenek.googlevideo.com
rr3---sn-h0jelne7.googlevideo.com
rtb.adentifi.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s.eclick.vn
s.tribalfusion.com
s.vnecdn.net
s.youtube.com
s0.2mdn.net
s1.vnecdn.net
s1cdn.vnecdn.net
sb.scorecardresearch.com
scdn.eclick.vn
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
solution.urekamedia.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.criteo.net
static.eclick.vn
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aniview.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.tidaltv.com
t.lkqd.net
tag.1rx.io
tags.bluekai.com
tapestry.tapad.com
targeting.unrulymedia.com
tpc.googlesyndication.com
track1.aniview.com
um.simpli.fi
umfw.adscience.nl
ups.analytics.yahoo.com
usi-saas.vnexpress.net
v.lkqd.net
vcdn1-giadinh.vnecdn.net
vcdn1-giaitri.vnecdn.net
vcdn1-kinhdoanh.vnecdn.net
vcdn1-suckhoe.vnecdn.net
vcdn1-thethao.vnecdn.net
vcdn1-vnexpress.vnecdn.net
vnexpress.net
vop.sundaysky.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yt3.ggpht.com
ads.stickyadstv.com
logperf.vnexpress.net
s.eclick.vn
s1.vnecdn.net
s1cdn.vnecdn.net
sync-tm.everesttech.net
tpc.googlesyndication.com
track1.aniview.com
vop.sundaysky.com
www.google-analytics.com
www.googletagservices.com
1.55.119.42
103.132.192.30
104.111.215.191
111.65.248.197
111.65.248.229
111.65.249.130
111.65.249.131
111.65.249.224
111.65.249.225
111.65.250.2
111.65.251.2
111.65.251.70
125.212.217.26
13.32.99.105
142.250.184.194
142.250.185.162
142.250.186.34
142.250.74.194
146.20.128.152
146.20.128.52
146.20.132.159
147.75.61.140
151.101.1.108
151.101.130.49
151.139.128.11
169.50.137.184
172.217.16.130
178.250.0.163
178.250.0.165
178.250.2.135
178.250.2.146
178.250.2.148
178.250.2.150
178.62.202.251
18.157.100.237
18.198.172.5
180.148.129.21
180.148.132.197
180.148.132.75
180.148.141.233
185.170.61.211
185.29.134.244
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.81
185.94.180.124
185.94.180.126
192.132.33.46
198.148.27.140
198.47.127.18
198.47.127.20
198.8.71.129
2.18.233.180
2.18.234.21
2.18.234.233
2001:4de0:ac19::1:b:1b
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
213.155.156.166
213.19.147.43
23.88.75.187
2606:4700:3034::6815:6036
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6812:d05
2607:f8b0:4005:813::2003
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:802::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200d
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a00:1450:400c:c1b::64
2a00:1450:4016:1::9
2a00:1450:4016:5::8
2a00:1450:4019:800::2002
2a00:1450:4021::8
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:2ab::2c79
2a02:fa8:8806:16::1370
2a05:d018:24:b002:6973:f435:affb:5901
2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d
2a0b:4d07:101::1
3.120.18.167
3.126.56.137
3.217.20.60
3.33.220.150
34.102.253.54
34.107.184.81
34.149.20.76
34.195.16.202
34.205.232.45
34.205.3.24
34.248.159.172
34.254.143.3
35.227.248.159
35.244.174.68
35.244.210.213
37.157.2.236
37.252.172.37
37.252.172.45
47.250.41.162
47.252.78.131
50.16.141.46
51.210.112.236
52.18.103.74
52.31.13.93
52.46.130.91
52.72.119.123
54.174.213.70
54.37.36.178
54.77.243.210
66.155.71.150
67.202.105.22
74.125.71.156
77.245.57.72
8.2.110.134
85.114.159.93
013166993ddc7f823b1d76aac410c99dd2595d87308053dd23cd934910dd19f4
01c25c3793ced5938a692c60ab7e3b13ad6e6d1ca02cac87e7db4bf7ba2fe3e3
03f6337a092d2c6b8b1ce8bbbcb01feafac5b68d7f3a563c46ee491f301a0f37
0451d35fb7064408e50d3d922d9a9429e0eef70eea7af65463c444991438837f
0484b45a990c2dbfacd2cea8256a4fc48f0193c41d1889badeee7a98f3f5d34c
0498a92fe380cd854e3186f0fbf5d85938ce21e1adff5b037de30c3392166ca7
0866b3367e187eb86aa7f9579b0857e51217a7918c2c692178e24ae8e029cddc
090f6609ab46ca56313d8ddf62ef2185fed4846b2271b77f5f5f95af5cda24dc
094b9f3481dd02472092ab67546ce7e02314256e3965ba5b488ce7c449f0d7f4
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09ef3083413f167d8fba4ce97e6f89301b50b842d15845586fca92c5fae16e6d
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b0e0e740896849589bc2dee5dcd6bf235afc5df25ce9b69fa4a4c439a6f871e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba149f219cf9ff7e18d3b325711ff531179683e7d27604de4da294f1a8cf5c7
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c2a8b1d54a7f735594e13c87f20792f8c66ae341ac5c110c5448ddee5d1b6d7
0c8de3a334754a312eae4a2e9c981f57d71052818d1e1ae26424df244a1d1a1d
0ea78a94de81217c3c4f86792f9c034fe55d990abd80b6bde4705175ba01d16f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ff7df407f729aee92fa7e834d8bc6506a925f72bbc9879427c76c90ed085b70
119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506
11b69c31a47917f90c4fd2be44fd96dbcc1ccc8c6235da63773bc18cba3557a6
12d1593f964495e00918aecf80797b71bf873d4586ee9701fe947840e52b980e
12e06f1d23fe8f22ded1744d57ad7bac5fa202359cfc6a641474adfb1e304634
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768
131ce7ab02169dfcd1692aa7e0e966a287efb21a0cf69e6bfafb991b5f3c0c84
133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702
14abf807c0638a3ad9d1940fd44c2fcbd4545f37bfefa85656b90a1d4b020054
15f20ce5969bfbd5092053b0226a2fbd8bfaaa7fad468338dec0197ef4e73f31
1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19d5e28429abd18e9ff50cc8094752148e0792d8d6d61a0ef636af5a43c27296
1b9f893929f5adbb0657b06c0bbc838c5a9bf8e12cc5bb1cbef388e05d18a5bf
1c0b7c950c201ce6261cd9169ab464fa1c8ebdfb6c9881fefa0cfe2fbeeb7d1c
1dbe05d27c8fb73029fdc1159739af3abda61b58bc6af35e080cc69fb6a94917
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f4ee3ed255e8b3a7fe57f83d12f14107b8d6f83011c776d77a8b6fae3912391
1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924
1fdc5ef5534a96b551757afdc0246822673bd0edbc30005605a069209623e39f
22425393095a61f02cf64debbd429a4ec0be67a471cc1e1d3a118e9e5d8c5813
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23134547cfb0d6e1825ed86a6c9c6efc0385369fafe1e17bc296ef3b7017e971
2388ba32cb405e19a6e6f04a6642db3b5339efcce8dab464a8fe5c0ba951d2bf
23d8d2b1e410c2c805de36cd3970bdf3c91718a71ae3e5ca29a017365274b367
25a789fe9c2b44e08afa673df8bd2d873ea178e4b40275413d0d0f1ea15603c9
26347690a42de76f183305c56c8d2544d67a6a70defc5a86164953528e306fb4
265922c97de2cd81f57e8771dbebe35d934423afe090f960132cd0483d8d12a8
272f3d0f2cce62e707f9c0686695e2adbac257d88fff6eecf1bf96f43048f935
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
27dcee15a9acc3029997d34b74dc1aeff9f9a577eea3ce15f45e2557ee5bc2d6
28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a0c48a90cafb94c2ae3394ffaf5da88121c51944bfe6effc35c65f5821d66f8
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2db1b8ffef6478aa074dd1b800f8ea28a0f0f844c40bea8813dcd093730baf6c
2ef09436a70ad1da1505303ad491cbf28a5edf68629fe84d782b269af413b64c
3074e909866cebf1d993a0bef11d8bf46af2d5fca8bec5884a8e5701e8a61e8e
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
3300fe4b85cf0b182d9683fdb25d2e5b17d21e8267079ca35906725cf6310c9e
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
336f06ff19606c731a1d88adb3a68c1dae89ba483e6d3c7bd51404a0f1aed52f
33b5594ae14a65751a8c4775e98e7b2a72896cff5b7782f55aa2e56152a780fa
351252424bb8f27e1b4e1a758af27368401ee65f334c81922f2cb7eebf950b39
352f527606896b074d27bade73ab90f352c835345384728abf5207ef5f376a4b
354c7ad368a99b59e813f43035079c19138b4792f0bfff31b08f8271bd198da0
362dd4ca63f7b924a45eebb4fb81dcbec959485f92a97e6436e5a19698e048f5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36e0da38b4885b0249cd30778554ee901769ed1b7469bd3f6d35b40a17219fd0
370b1bf6c5c75ea567b07b8e57f54bc5c91e2c316c3e69cee33dd9c51087fb66
3723cec52f31b28d21f8576054b9ba4c2b2428a32276eefc57037a980a96bd72
37458c2992906d104f88bcc474e76d63344401de0748ba0e7dca1e6946a9cb2e
374b50037edd1f5a47a17d77ee3eac2797e508a3e7e1dc4ee0f37822d9edb97e
379e934eb46b13d5a436e987c13c580a8d98197df846519277372c0d3d4a864f
381e09f0842b2d487bd60cb27e50a68a9aac51a21892cd66b0d960302c6b7a07
393a5dde977b3c33c177d2fb8fccaed06d77ae88547d13974ac5e75cc63c5c11
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3ab48b117422b65760591d1b3bd926e10bd638cdf291f1f5090efd9f0bfe9d10
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db5e1dcb72170045dda5facfd0bd30c250e8fe5a8af24d7b9d0857c2bb28ec0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
407a8d1dfa5ecb22ae6cd3104c09c2c193d010e0acec947c4d6f4c555c4b5c82
40dd8e0e88155c995a0a27986e1da0ba577287699720f139d0f49e821b78c50f
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
41ee115ee5b6e9379eee8eff0fda7105db51d211f2508f087a8a14f6c64710b5
422bbb63dc62f98cb3c5592b4d68391751eb886296bff80bd279400db421c2a6
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43
4645ab9bfd6df40b764a38442029b1b8a1b2177aa42a26ed47889c85bb191036
464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba
466c1205ae1844ff70df5b0464f4211b3822ac1801de8c8b6bfa78acc1f651c1
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4846f4c95a0bf63f8651d03f7373ea733512717b57b1660c7f63369d192077c5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
48cae4cee758cced25c68bb6d0c4b1907b7a34034eafce848dba45e025f7cd3f
4b88e322ae9dfbfed22b3257299b7a21008901af1cca8f39b15e50543389301c
4c8947dc95e28db09c5f5d750b61a108eb970c66ac251d9e46cd5760a16f22a3
4cbcd1cd725c844cb4a385a19ae33c45aa99af24013039ca0e86503056eb23e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0b586a1e0d50a2e85c7e2940785f302ec685e266b3d341ea9c1c54b8a120b9
4f38ea14d699d962c55ee1ce85eeac459f2f4756218770110383c293179e8d27
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5068333f48c5c362b06d11ef205aeb375dd381374508a886ef91a4fb782beea4
510c8629d39437b562e1f5a3903a50ef69c04d2a6cd19df492df4055144b9653
511b6ac8a9f1f7f97844af8e91b27e683efdc643cbeca89f83b2a7bc18f3ff8e
51bb1a19448d513f7f07b91ab838e23ecdd09018d522b863ce59842e722a5814
5231df573b6180c6bda33b20b3f58fdaed9fc3ddde42b68fbea502813924311e
5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c1655edec242ddc2a55d055b02bb32f38b9d1b5bf139d3c050443a05213533
5918b6de06fe4ee2ba12ce924249ccbad37afcdb471b8a0515e1b344c52e3f1a
5a1fb0681e3e66e20cf988a0283c8edc76ef9a6c4383e70c5ae9f013262985a5
5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059
5e81b17c55c9cfb05b562d73431f0832b2d96a4845ecfee7099a5236c63c2a49
5e93dd31ec4880cad2911b0980e3b1a6e98dedc059f32351df363569f7b6c057
5e95f1ba25ae50547139ef3c6fbd333228aa22581699cd62de2b7c35a13009c2
5eed32e4eeeeca25b2ab80e769cb305b92c48082015aafc0f15fbdbfaea1ce14
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642c8ffa9bf64300db57a5174b2af2cf9a61a43a8240e775b4964437ca445e50
6462a807dd3e11bf62c983e71fd2b43b51881825a60180ec80266bd5ddb3b4ce
6482df5f749cc35409387540414aee5648252400f60321df11b211be3a1dfdd8
66cb0f00518d0b6623c75fdd6493c8e9af42fcff888064ca70c1b2172cb782b4
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6acd6dac0a641eb4f928fc909199694c26593cb36f37d3271a7928faf8a92749
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6adee1eb7f9c1d8f269073423a59b4164fa0cb078a41206ba6a8b7dd6c3e4083
6c806ff0c2c266919331226af5f7f8817a55db94135e4d9c6eb5233b5479c0fb
6d784f9717f65a94d63447a1e7274df10dc0e3e31563355c2a65b202527232e6
6d8c41224ea4b28da2a3ef57a06babc47399499da909fd3e4836438daba03938
6ee8f418d9f3642bb69278c7809e0d2f93ab51f7d6a38dca56248c59a6d56081
712968975168b8cbc7ac9f09957bb09151e3342766b19a6f0eeb64c12261aa84
713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017
728e5ff5171dc4de2704cb4d7288ee83533f2d0ee13407059bbae9b3b8a57403
72c24d7d5607ba05f79991c4b2da9e2f46e89cef8ab2f5bc868d64e3f0edefbb
73aadd2c014d9748e4ef42aad4b2ad4c89b249d56dda7a6e2a8fc3ccf2b932f8
74eae7469f8e473db0ac9facc0ae2d5d9ae5d58b2a5d37fc9174014db52b3e9a
75546c88a0cde582d4c8b27382c4c5c705f3ed0138cfe9b49a417debd3fce8c1
75768a8bb8162c55400d7595eba3314d9ce100c750e6acdf58f6f99505b66388
765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79eee8e782af82c64067b97dec9f8aff98fb2b672d2a40d8b43e2aade3cc6a1e
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7ae8954123d9fb8b10fff939ab42d89f6cfcfa4d91d5278d2f2c0a4cc21c7ebe
7b0b0433364b5f72cea206aad660a4e5014e32d9a76b02de94a5eca9f1f7077e
7b5392e14515cf694f44ed05644602c7b86ce163caab004f2a40918cbac6053c
7c321a9139179e98a8545127582864cfd8828d402fc0ed51aeb743f024ad64f0
7c3f0d6cfe9f8fde34bf9653db1b256bd0601b91b14e6336dde2187396a16efe
8026dd5fe3b88ee31310e5eb914953539a250d6d7b4333426cf0c9b68230d1fb
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
82c75f40eae18bcba65263b5576c697ba6e63a8ab24f69b0ba5703d507970f6e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b2db06e4e840f5c818b986001e24ed7added38a25e036e6e12607025d14f0e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850168f47b570c597b2f81cdb44d42bdbd3be1ea0de432a66c4279d773fdeb75
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8629ab4146655f94c127a70bdfd8272cbd06f97c7fc3f8322b9a284eb0362822
863016606095ee80bec9802da48ef003599574c8b1472e9030f6792bad4f2fc2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
888215dc0ea744795a8fc73cbbd26e044e85f9728197473632948df95d73077d
88b1de7483b7fba6d3cc34dbc55a4ba7a3ea55455a084d6d3fe58d9a278fc1ee
891522ce75d989b789bf28488295a58d5c0b41c58f2fea9b02529e824a2ad51f
89475e3de1dc8f8dc4047ce08e78decc74ba34e1d1a5976575b11a4c9da19228
899cd623ab4c8906b087aa56a6c1a6ff0621d96fa60f060c413be862281d93cb
8bbde2c9b3b023e4d095ff889b5f757e402f9d3c81dff40c001d39233efaf578
8bf939288fcaaa94ec7287da90f5a3032eb7ffb483ff7539260bcd05e9d89a58
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e96eb9ef662beb2cf75392ac7a99dd0d7e678a5cdc9aa7c97c81e65181804b3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1
8f74d59a2aa95f605cfd9c544fab5756d37dbc3dd77facf19aada9111ad8c31d
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
921329187f251f77c4eeaf04ff2f3189cff526837179ccad6b898304fe14e52e
92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae
92e3bca3ca1e9e013c6a192d139664dc2536ccd22600cc99e42632c8726854d8
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
9695a8916319f74956c93bfaa8ec9b47bb92c65db44cd2058c6ef412e81bebe5
9719f43ea6ec9dadb759ad3366f87b6530b21babe4701d1ff8287866d9ba95c7
9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c
974b5e57829ebe7517f2d8e644944e6a0c9a6a41caac0b4757af046796fca1a5
97aeeb355690f18f4f8ab092bf45df8e3270ce82231bde26d44c08670273896f
98089a1caaeab7cde0df23540e16fb5e3fe46c07819c23fb63c0854a64381260
9a0c928280cd64d6142a774255558cce48908f6b1ff7ddd6cd856ab5ee5453c9
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d
9a6a403a35e94f2a7689050dbfed4e75fecf7a2941da8dd9cacf74f24264252a
9e4721b32776ef17b081967b6bd9ddd94ffe55255bffb09c72bc7d6fb995d651
9e7d5733ae9b2da0e411aa9711cb74fe7ea4791275e00fe1a75eea70c47b82b1
9e8fc4c8e13a101ff6dc68c7e9e595e8315aa37cde1fb9d5d515a8fd1247d03f
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fef10f19ecd21e2bd95af1dd2dd525fc8f1fcbca16328dba520672d7f0f3ec3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3edd55939fb0c18a9d51db07f652e6d5508c90d2d0a862a2091ae2c62759e29
a4353df0d45673ae0685be75ad1345ad25b4786d92775932761d45bd21175e47
a47576973ea493cec903b80575fe79a4e108dcecac72dbff08ddce06e09a833c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d3bc308e21c549703742e61546501ded1f57e3de7ef8a23314bc2d2cfc5f2f
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a71dbe9204573bf9cc60a9ccc52e007afd06efbed70525b8550b2df599248bf4
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a848badec3e5321bd9458ac63ab62d424d76742f532e338afef91d5f0297a4b0
a859cf8b40f088b325f2ac3b1b86574d3461eab092b1256b98db87e348a8b2a5
a9430b19d1678da7e43f00da23ba8a528facb0fd87cdc37696c1244343d92b28
a983bd0c3fd8abb928ec9381f5737963732572d4b2df0e04beed7285d0c45b10
a9f282cc3f6609997b455eb886a43d098b81c9cf0478e284f3fdf1df0f584931
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaed9e48c2425016dab5bf1d7220b2553620bbd1beb6f8f662e1606901518652
aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152
ad06ecbf1abdfe2b431660fddaa5bd00d25e61dd4bbac2e002a5fc361dec2e57
ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625
ad565e2f8e21ff4525bdccc71754b1b648bb8cc8af075e7e6c39a1091a045cb6
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae623015ac4b4ab3c8bdae58951d7f70548eeec733e896962b1466ab0fcb92c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe65eda5dc748c910b2e6a3d369fd145dc8e7d0595a694010167d2fb8cfb4a
b2d2be9c15115e6926f572ab0cdc4728a0fa5902b7769cfefedc3a6ae7d8ba4e
b310c77b39c89cc43370834398da4f10f99498ab9291290aca73782e4db2d856
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
b5012a41584b9d2f7a4e842240d4678af6f7f92f3661ef06dcacd35ab674f38b
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b725577f3fb370ba9dfe56ea0ccbce05adc5dd89f46edd8c7725876bab2b4bce
b7ba116e26726a9e294d974c8f9e8b8e8a795ca792a4ec7e5e40f133f727ae09
b9260c76ec8c9e6f02d5e42efbd15b105b80325e9254fe8e6f728fc620069db5
ba273b85e8fe0043c3dad252bf5f782e67e1f2b43c8339f6393e4020cb4b7123
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd8d7438348ffab730a6d097b976bff79a6531a88a8f2adb261c6a016737d97b
bdfc8159c46abb3d63a9c2599eaf2176c4ef0170902940629700d957cc25e2cc
be7a22cea78af05f06b9b9533e397f23a0853c15d74591df9c53a88171bfabab
bf0ea5dd058376e251516ad20850f31ce6b7dbf97d1eecfac964fb485ef2278f
bf781a882f3348667f8fe59cc360e3860f30d0a601499936251c416dcbbef1bc
bfb12cb73b76780859e79f58371b0d3d4a7c9c353c0436441d10654a9487c325
c025074bddc666be823515d4a8b2c506dc7141583475bda961294bad93e61188
c08cce165711c7d45255dee5fa18185b0ac36b0a19ba14629f9e67c192a2fe3a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c
c319e78dbad0308e0d0fa9a68c684df9100b7831b8ac456f05a7a31d75a3addc
c36ae13b9fc95a7e72fe046d52c2da404de109f222f50a1bdf6c350987e932c7
c36e119978f2d615ab449c7d16381c76f7236738d1a091408ec3e4f87617dada
c37ae6ed07f0d7aea49f75279b9886e17da1b5b47beb7a8fbeb9ce1eb91cb18b
c3ce68e93681c6d2b8f00bd22f56eb7e42390dcc263d289fdafa470b5ba233e2
c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710
c541888c9497913d5428327a0bc0886290a263284bb7e11d1bcee7733be15304
c6029aeb04639f2f1c95b229ab7b15bb97d5e3d02d1a25cb9b9a33ce335a79bb
c7b991a8f301f69e048536edd37635eb8ce3dd3f83fb898de7df764a89f508a7
c9d8c7dcab8308ee345a4cfbe7d52daa42865bf345de17bdb8e89b6450cbaddb
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca2e313c4d7f075f05e0175473fd193d50b280a0e45677d9e431782a6588a8f5
ca6329d951be61f37f8e1267de5845600a9640d9a354e018caa32222408e6333
ca95c80d3181860227c4f317654979c64c2ef2e6633bdeeccbf69b2d9719b527
cbea20f6c29eb8fc4a556a29fb722adb7f8bda7afe7dc039f1a9e7b2382e1b43
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8
cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958
cdd5480bca11fbd8f4c91da7255015d055a4c66b33c264944ec3b1cc7884a506
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b10a9241e4c086107bfe4ba089a20f6ebb4752539dde021c32207c6f142e84
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d30d5a15f01d0bf1d2eceda161aad30112be19ba8e5fbd1f1b65b15e32542b47
d341b5440a49bc56d6cf5539553b52c40348fc0a6604080d5d542f8ecdfcc020
d3cec98d819d9286f106a4fc3079874ee7c7f2908a5de51d9722e8a528af05f7
d55fbdab3fe95121adf9d97bc21664eed34c7e18630466c2fe980134fcaa6aee
d569b3809a5bb3ea042e90e5e15403ee2208fcf17063f83009610ede46f6396e
d754119bbec82eb1b4a74b38d4e73071fdbaddbaa887121839b92f7d3d636b2f
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
dba05ea6b33731e31b92093b3834a81ee17c9451af684b07f362706a714d086c
dbdc1ca1234084664d9c637a4db4faa0477468b728b41fa1fd21e83d4d1606a5
dbf0b31a8fc3efe0a793c47bc87155a4e9ecfa30ba888037c7a52406ec0a4555
dca99a88ee38089f3e3c181d0d93a980c03bbca7f0d5e6b1784d7ccefba29de8
dcceb506e62c750ec2bcd05e867bfb452f95f8b6bdbbcf2def1a852316070e5d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dda679b7fe3fbed551af0d855998345904103614ce2f2d092ecc9651307d5b0a
ddd1f79e84456dddc8cfb150f3fd8a1517d225e60c4466c9cba261f082ba5c94
de9e3bc61dca03d2d599fb9fab709332895f885d7bc16adb63995364a215d163
e020f5f10dcef4391d10711c2ec50cb88283d02d0ba5c9c5626854ba9367e7e0
e0d6303562cdf510524eecf2e39431c0e15800ab6ef20b116ee974b2606baf96
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e17b9620cde808b7964c624833347c92fe4b7d7f0a190b404eacecd2ea74996f
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ebbd72dc5a64020eebe20eb1e0cdb6942e65cc16c508dbb093ad24642253b3
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
ea42d4bfc86d8174b8d820351d394cb25e53471cce42e6723435a8604575e348
ecce53a5cb5d1e6096c2a947036eaf2783eafa94bebe62101d43873c50a5091f
ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc
edbb94901d3cec29434d8f6437a16a07a545c54c27cbb2e90a4f8c9dfff946db
ee225ac83d083a3c2b7112c8ef5dab7a91d61be8b14a13fad85519af2c510b55
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01892dc1842a40a7451343fe3b46c61a74e661dfb6404ceac6d7453bd8116ac
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f24bc9a7913cba8b040d66bcb781f82dcf4441ebbfde2a02ff2dd2e4694dc76d
f2e171aab5b7ab6e474654c08c82633a31754458bfaf1179d9c849fbc8c53ca8
f2fc95534dd01bed2f9f6e50f804809a996b4a2da23d253bcdf0a812f50afbf3
f38f76a5fccb4b20dbbbf15bc1e35ae75c1e7cb4600376e15111154635b20ad6
f4f68890a22c361757cc71dc5e24f15977d7552df62a5a9fbe7602de399ac16c
f5a1b91c192e5ed238507efddf3221800532b0ed1cca24b7fcd0e05cb458563a
f5ff7b1a96a0963d7b754722c07b01f20e15ac89b84bdc7cd7d30a1a700f071c
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
f7958ab4918a785ca6e0166881769fa4758850b2d753e91b11e941791b3afed0
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f92ab0cdaf056935d8f01176f142f6900f43291805ffa9dff8476ea71f9d66ea
f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5
f982a2a3b8c8bacfdbcb5c846735f41946cf64408264d9f22cb7914ae51aa1a7
fa745905743145fa9d894e05f9054deaa5c092d8d339bcc1f91dc5f729935438
fad4494b6752b2c24e0d25b2234ffe7901e317c425e5e50ab6e90002292e2518
faf26da8f02338afdb69220c7abfe43a28d02680cdca0d7c50a7d08d4a309572
fca8259d70551600ba57772469fd3b5fa6340f935b1941eeea3a77c4aaa55f7e
fcbcb21e1a60ef25b4cabb68547bab840d50ef0ffcf6b8680d1a90081648737f
fced8fc26b36b1d49051abc3c84c24cee40ddf32978e9777e6bc90f29803872c
fd65871333f32a3f54174f62fb06282f9dcad18926ad1aaf575f8962f17bc7d8