vnexpress.net Open in urlscan Pro
111.65.250.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vnexpress.net/
Effective URL:
https://vnexpress.net/
Submission: On June 04 via manual (June 4th 2021, 2:01:33 am UTC) from US

Summary HTTP 961 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 131 IPs in 18 countries across 108 domains to perform 961 HTTP transactions. The main IP is 111.65.250.2, located in Viet Nam and belongs to FPTONLINE-AS-VN FPT Online JSC, VN. The main domain is vnexpress.net.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on January 21st 2021. Valid for: a year.

This is the only time vnexpress.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	111.65.250.2 111.65.250.2	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	111.65.249.130 111.65.249.130	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
20	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
31	111.65.251.2 111.65.251.2	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	180.148.129.21 180.148.129.21	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
4	2a00:1450:400... 2a00:1450:4001:803::2010	15169 (GOOGLE) (GOOGLE)
8	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
10	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	1.55.119.34 1.55.119.34	18403 (FPT-AS-AP...) (FPT-AS-AP The Corporation for Financing & Promoting Technology)
5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.235.175.90 54.235.175.90	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2.16.186.105 2.16.186.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
5	111.65.249.227 111.65.249.227	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	180.148.141.233 180.148.141.233	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	180.148.132.197 180.148.132.197	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	2600:1901:0:9... 2600:1901:0:98f7::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:1... 2600:1901:0:14e5::	15169 (GOOGLE) (GOOGLE)
62	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 7	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2606:4700:e6:... 2606:4700:e6::ac40:c219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 57	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	111.65.249.131 111.65.249.131	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	180.148.132.75 180.148.132.75	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
3	111.65.248.197 111.65.248.197	45894 (FPTONLINE...) (FPTONLINE-AS-VN FPT Online JSC)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3030::ac43:a1fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
60	52.70.33.53 52.70.33.53	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	35.171.145.49 35.171.145.49	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	125.212.217.46 125.212.217.46	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
2 2	18.156.99.44 18.156.99.44	16509 (AMAZON-02) (AMAZON-02)
3	35.170.116.13 35.170.116.13	14618 (AMAZON-AES) (AMAZON-AES)
3 6	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
1	150.136.156.92 150.136.156.92	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
5	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
9	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
10	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.58.174.102 13.58.174.102	16509 (AMAZON-02) (AMAZON-02)
3 8	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1 38	52.29.183.32 52.29.183.32	16509 (AMAZON-02) (AMAZON-02)
48	18.185.190.87 18.185.190.87	16509 (AMAZON-02) (AMAZON-02)
36	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
2 21	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
7 7	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
12 53	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 10	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
7 10	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
5 5	52.58.102.227 52.58.102.227	16509 (AMAZON-02) (AMAZON-02)
5	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
76	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1 6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
5 8	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
5 6	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 3	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
2	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3033::ac43:dcda	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
6	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
5	5.178.65.253 5.178.65.253	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2606:4700::68... 2606:4700::6810:cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	34.193.191.157 34.193.191.157	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 3	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
2 2	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	213.155.156.168 213.155.156.168	1299 (TELIANET ...) (TELIANET Telia Carrier)
7	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 18	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	52.49.183.138 52.49.183.138	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	162.55.6.212 162.55.6.212	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.23.73.243 94.23.73.243	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	72.251.241.204 72.251.241.204	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 3	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
4	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1 19	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1 1	51.75.146.159 51.75.146.159	16276 (OVH) (OVH)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	34.251.173.19 34.251.173.19	16509 (AMAZON-02) (AMAZON-02)
5 15	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	2607:ae80:5::49 2607:ae80:5::49	26558 (FREEWHEEL) (FREEWHEEL)
2 2	2a05:d018:24:... 2a05:d018:24:b002:28a5:2c7e:9fea:57ab	16509 (AMAZON-02) (AMAZON-02)
2 3	54.170.210.188 54.170.210.188	16509 (AMAZON-02) (AMAZON-02)
1 3	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1 1	151.1.205.165 151.1.205.165	3242 (ASN-ITNET) (ASN-ITNET)
2 2	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1	89.163.159.109 89.163.159.109	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	18.132.239.61 18.132.239.61	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	34.252.41.130 34.252.41.130	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.210.3.115 3.210.3.115	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.123.41 52.95.123.41	16509 (AMAZON-02) (AMAZON-02)
1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.249.223.226 34.249.223.226	16509 (AMAZON-02) (AMAZON-02)
1	52.222.158.126 52.222.158.126	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:20:... 2606:4700:20::ac43:47f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
4 4	52.57.110.162 52.57.110.162	16509 (AMAZON-02) (AMAZON-02)
1 1	52.44.53.247 52.44.53.247	14618 (AMAZON-AES) (AMAZON-AES)
2 2	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	34.196.50.33 34.196.50.33	14618 (AMAZON-AES) (AMAZON-AES)
1	51.158.28.83 51.158.28.83	12876 (Online SAS) (Online SAS)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	67.202.110.23 67.202.110.23	32748 (STEADFAST) (STEADFAST)
1 2	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
1 2	54.204.142.198 54.204.142.198	14618 (AMAZON-AES) (AMAZON-AES)
1	52.48.131.173 52.48.131.173	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
5	18.185.190.161 18.185.190.161	16509 (AMAZON-02) (AMAZON-02)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.29.32.79 52.29.32.79	16509 (AMAZON-02) (AMAZON-02)
961	131

8 111.65.250.2 (Viet Nam) 1 redirects

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 111.65.249.130 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

s.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 111.65.251.2 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
PTR: mx1.gatemail.vn

s1.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.129.21 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

logperf.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

vcdn1-suckhoe.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s1cdn.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scdn.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-thethao.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

vcdn1-vnexpress.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-kinhdoanh.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-giaitri.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vcdn1-giadinh.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 1.55.119.34 (Ho Chi Minh City, Viet Nam)

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)

octopus-stream01-cads.fpt.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.175.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-175-90.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 111.65.249.227 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

adp.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.141.233 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

la.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.132.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

la2.vnecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:98f7:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.hbplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:14e5:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:b19 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-ads.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e6::ac40:c219 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 185.33.221.90 (Amsterdam, Netherlands) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.65.249.131 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

static.eclick.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.148.132.75 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

gw.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 111.65.248.197 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)

usi-saas.vnexpress.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
be9aa53dc887d61241faa8d2b9b10cec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:a1fd (United States)

ASN13335 (CLOUDFLARENET, US)

solution.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bd.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 52.70.33.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-33-53.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.171.145.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-145-49.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6a5f99c19352bb293dfbeba2e59e3d28.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.212.217.46 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

dmp.urekamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.99.44 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.170.116.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-116-13.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.254.214 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.174.102 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-174-102.us-east-2.compute.amazonaws.com

rtb.gamoshi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.14 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 52.29.183.32 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 18.185.190.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 37.157.6.253 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.29.133.58 (United Kingdom) 7 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 142.250.181.226 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.248.242.197 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.102.227 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.126.56.137 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.14.49 (Frankfurt am Main, Germany) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:dcda (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.rtbsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.249.52.249 (Netherlands) 2 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

u-ams02.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.193.191.157 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.119.146.39 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.206.142 (United Kingdom) 2 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.183.138 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-183-138.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.212 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.73.243 (Lisbon, Portugal) 1 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.80.231 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns574734.ip-51-222-80.net

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.253.128.188 (Amsterdam, Netherlands) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.159 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: de05.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.173.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:5::49 (United States)

ASN26558 (FREEWHEEL, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:28a5:2c7e:9fea:57ab (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.170.210.188 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-210-188.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.1.205.165 (Bellagio, Italy) 1 redirects

ASN3242 (ASN-ITNET, IT)

bn01.er.bemail.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.81.244 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.159.109 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.226.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.239.61 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.41.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-41-130.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.3.115 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.223.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-223-226.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.158.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-126.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::ac43:47f1 (United States)

ASN13335 (CLOUDFLARENET, US)

sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.110.162 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-110-162.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.53.247 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.27.122.158 (Chestertown, United States) 2 redirects

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Hjørring, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.50.33 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.23 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.17.112 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.142.198 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-142-198.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.131.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-131-173.eu-west-1.compute.amazonaws.com

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.185.190.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.32.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-32-79.eu-central-1.compute.amazonaws.com

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	googlesyndication.com pagead2.googlesyndication.com 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com tpc.googlesyndication.com be9aa53dc887d61241faa8d2b9b10cec.safeframe.googlesyndication.com 6a5f99c19352bb293dfbeba2e59e3d28.safeframe.googlesyndication.com	586 KB
84	googleapis.com storage.googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	11 MB
77	doubleclick.net securepubads.g.doubleclick.net Failed stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	469 KB
72	aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	403 KB
68	adnxs.com 10 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	124 KB
67	rubiconproject.com 7 redirects prebid-server.rubiconproject.com pixel-eu.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com secure-assets.rubiconproject.com	57 KB
54	vnecdn.net s1.vnecdn.net Failed vcdn1-suckhoe.vnecdn.net vcdn1-vnexpress.vnecdn.net s1cdn.vnecdn.net adp.vnecdn.net la.vnecdn.net la2.vnecdn.net vcdn1-thethao.vnecdn.net vcdn1-kinhdoanh.vnecdn.net vcdn1-giaitri.vnecdn.net vcdn1-giadinh.vnecdn.net	1 MB
48	google.com www.google.com analytics.google.com adservice.google.com	6 KB
46	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com aud.pubmatic.com simage4.pubmatic.com	118 KB
44	advertising.com 4 redirects pixel.advertising.com ads.adaptv.advertising.com	11 KB
38	2mdn.net s0.2mdn.net	623 KB
38	spotxchange.com 1 redirects sync.search.spotxchange.com search.spotxchange.com	37 KB
24	adform.net 4 redirects adx.adform.net dmp.adform.net c1.adform.net	11 KB
19	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	6 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com	358 KB
17	e-planning.net 2 redirects ads.us.e-planning.net u-ams02.e-planning.net s.e-planning.net sync.e-planning.net	19 KB
15	casalemedia.com 5 redirects ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	18 KB
14	yahoo.com 7 redirects ups.analytics.yahoo.com ads.yahoo.com pr-bh.ybp.yahoo.com cms.analytics.yahoo.com ads-eu.v.ssp.yahoo.com	9 KB
13	vnexpress.net 1 redirects vnexpress.net logperf.vnexpress.net Failed gw.vnexpress.net usi-saas.vnexpress.net	155 KB
10	adsrvr.org 7 redirects match.adsrvr.org	4 KB
10	googletagservices.com www.googletagservices.com	309 KB
9	quantumdex.io sync.quantumdex.io	4 KB
9	onetag-sys.com onetag-sys.com	5 KB
8	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	111 KB
8	mathtag.com 8 redirects sync.mathtag.com pixel.mathtag.com	4 KB
8	openx.net ureka-d.openx.net Failed u.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	2 KB
8	eclick.vn s.eclick.vn Failed scdn.eclick.vn g.eclick.vn static.eclick.vn	151 KB
7	adxpremium.services rtb.adxpremium.services user-sync.adxpremium.services	8 KB
7	adpone.com 1 redirects rtb.adpone.com eu-ads.adpone.com ads.adpone.com	5 KB
6	tapad.com 4 redirects pixel.tapad.com	2 KB
6	everesttech.net 5 redirects sync-tm.everesttech.net	2 KB
6	google.de www.google.de adservice.google.de	790 B
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	sonobi.com sync.go.sonobi.com	2 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com	2 KB
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	2 KB
4	urekamedia.com solution.urekamedia.com bd.urekamedia.com dmp.urekamedia.com	30 KB
4	google-analytics.com www.google-analytics.com Failed	57 KB
4	googletagmanager.com www.googletagmanager.com Failed	182 KB
3	krxd.net 1 redirects beacon.krxd.net usermatch.krxd.net	932 B
3	crwdcntrl.net 2 redirects bcp.crwdcntrl.net tags.crwdcntrl.net	13 KB
3	exelator.com 1 redirects loadeu.exelator.com loadm.exelator.com	2 KB
3	demdex.net 2 redirects dpm.demdex.net	2 KB
3	simpli.fi 2 redirects um.simpli.fi	2 KB
3	taboola.com 1 redirects trc.taboola.com match.taboola.com	612 B
3	richaudience.com 1 redirects sync.richaudience.com	741 B
3	audrte.com 1 redirects a.audrte.com	4 KB
2	moatads.com z.moatads.com px.moatads.com	44 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	betweendigital.com 2 redirects ads.betweendigital.com	925 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	1 KB
2	bnmla.com 2 redirects match.bnmla.com	1 KB
2	weborama.fr 2 redirects idsync.frontend.weborama.fr	844 B
2	tidaltv.com 2 redirects sync.tidaltv.com	791 B
2	turn.com 2 redirects ad.turn.com	943 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	adgrx.com cm.adgrx.com	816 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	admanmedia.com 2 redirects cs.admanmedia.com	829 B
2	dotomi.com prebid-match.dotomi.com pubmatic-match.dotomi.com	207 B
2	sitescout.com 2 redirects pixel.sitescout.com pixel-sync.sitescout.com	625 B
2	rtbsrv.com 2 redirects dmp.rtbsrv.com	1 KB
2	connectad.io cdn.connectad.io sync-eu.connectad.io	979 B
2	quantserve.com 2 redirects pixel.quantserve.com	939 B
2	360yield.com 2 redirects ad.360yield.com	721 B
2	criteo.net static.criteo.net	53 KB
2	criteo.com bidder.criteo.com dis.criteo.com	490 B
2	yandex.ru 1 redirects mc.yandex.ru	69 KB
1	brand-display.com dmp.brand-display.com	253 B
1	33across.com ssc-cms.33across.com
1	cookieless-data.com js.cookieless-data.com	367 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	648 B
1	deepintent.com match.deepintent.com	44 B
1	imrworldwide.com obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	38 B
1	bluekai.com tags.bluekai.com	425 B
1	mookie1.com odr.mookie1.com	324 B
1	agkn.com 1 redirects aa.agkn.com	379 B
1	theadex.com dmp.theadex.com	378 B
1	bemail.it 1 redirects bn01.er.bemail.it	659 B
1	fwmrm.net dmp.v.fwmrm.net	361 B
1	gumgum.com 1 redirects rtb.gumgum.com	336 B
1	playground.xyz 1 redirects ads.playground.xyz	488 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu	516 B
1	onaudience.com 1 redirects pixel.onaudience.com	398 B
1	contextweb.com 1 redirects bh.contextweb.com	462 B
1	ad4m.at ad4m.at	1009 B
1	erne.co 1 redirects green.erne.co	325 B
1	loopme.me 1 redirects csync.loopme.me	211 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	navdmp.com tag.navdmp.com	4 KB
1	gamoshi.io rtb.gamoshi.io	321 B
1	technoratimedia.com sync.technoratimedia.com
1	creativecdn.com prebid-asia.creativecdn.com	175 B
1	fuseplatform.net cdn.fuseplatform.net	78 KB
1	hbplatform.com cdn.hbplatform.com	16 KB
1	sascdn.com ced.sascdn.com	12 KB
1	ipify.org api.ipify.org	230 B
1	fpt.vn octopus-stream01-cads.fpt.vn
0	unrulymedia.com Failed tag.targeting.unrulymedia.com Failed
0	1rx.io Failed sync.1rx.io Failed tag.1rx.io Failed
961	108

	Domain	Requested by
76	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
62	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.gstatic.com 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com tpc.googlesyndication.com vnexpress.net www.googletagservices.com srcdoc
60	track1.aniview.com	vnexpress.net player.aniview.com
57	ib.adnxs.com	7 redirects s.eclick.vn player.aniview.com acdn.adnxs.com spl.zeotap.com
48	prebid-server.rubiconproject.com	player.aniview.com
41	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
38	pubads.g.doubleclick.net	imasdk.googleapis.com
38	s0.2mdn.net	imasdk.googleapis.com
38	ads.adaptv.advertising.com	1 redirects player.aniview.com
36	search.spotxchange.com	player.aniview.com
31	s1.vnecdn.net	vnexpress.net s1.vnecdn.net
20	securepubads.g.doubleclick.net	vnexpress.net www.googletagservices.com securepubads.g.doubleclick.net 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com bd.urekamedia.com
18	simage2.pubmatic.com	1 redirects ads.pubmatic.com
18	adx.adform.net	player.aniview.com
17	tpc.googlesyndication.com	vnexpress.net 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com cdn.ampproject.org securepubads.g.doubleclick.net tpc.googlesyndication.com
15	mwzeom.zeotap.com	1 redirects spl.zeotap.com ads.us.e-planning.net ads.pubmatic.com
15	cm.g.doubleclick.net	12 redirects u.openx.net vnexpress.net
10	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com ssum.casalemedia.com um2.eqads.com
10	match.adsrvr.org	7 redirects u.openx.net vnexpress.net ssum-sec.casalemedia.com
10	ads.pubmatic.com	player.aniview.com ads.pubmatic.com s.eclick.vn user-sync.adxpremium.services ads.us.e-planning.net
10	www.googletagservices.com	vnexpress.net securepubads.g.doubleclick.net 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
9	sync.quantumdex.io	ads.us.e-planning.net sync.quantumdex.io onetag-sys.com ssum-sec.casalemedia.com
9	onetag-sys.com	player.aniview.com onetag-sys.com sync.quantumdex.io
8	ups.analytics.yahoo.com	5 redirects vnexpress.net ssum.casalemedia.com
8	secure.adnxs.com	3 redirects player.aniview.com ssum-sec.casalemedia.com
8	vnexpress.net	1 redirects vnexpress.net s1.vnecdn.net
7	image2.pubmatic.com	ads.pubmatic.com
7	sync.mathtag.com	7 redirects
6	pixel.tapad.com	4 redirects ads.us.e-planning.net ads.pubmatic.com
6	u-ams02.e-planning.net	ads.us.e-planning.net ads.pubmatic.com ssum.casalemedia.com
6	sync-tm.everesttech.net	5 redirects vnexpress.net
6	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com ads.us.e-planning.net
6	pixel.rubiconproject.com	onetag-sys.com vnexpress.net
6	pixel.advertising.com	3 redirects player.aniview.com onetag-sys.com
6	player.aniview.com	solution.urekamedia.com player.aniview.com
5	trk.vidible.tv	vnexpress.net
5	s.e-planning.net	ads.us.e-planning.net
5	image6.pubmatic.com	ads.pubmatic.com spl.zeotap.com
5	x.bidswitch.net	5 redirects
5	sync.go.sonobi.com	player.aniview.com ads.us.e-planning.net sync.quantumdex.io
5	encrypted-tbn2.gstatic.com	8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
5	www.gstatic.com	8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	rtb.adxpremium.services	s.eclick.vn s.adtelligent.com vnexpress.net ads.us.e-planning.net ads.pubmatic.com
5	rtb.adpone.com	s.eclick.vn
5	mc.yandex.com	2 redirects vnexpress.net
5	www.google.com	vnexpress.net 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com tpc.googlesyndication.com
5	vcdn1-vnexpress.vnecdn.net	vnexpress.net
5	s.eclick.vn	vnexpress.net s1cdn.vnecdn.net
4	pm.w55c.net	4 redirects
4	spl.zeotap.com	ads.pubmatic.com ads.us.e-planning.net spl.zeotap.com
4	match.prod.bidr.io	4 redirects
4	token.rubiconproject.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	adp.vnecdn.net	s1cdn.vnecdn.net s.eclick.vn
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	storage.googleapis.com	vnexpress.net storage.googleapis.com
4	www.google-analytics.com	vnexpress.net www.google-analytics.com
4	www.googletagmanager.com	vnexpress.net www.googletagmanager.com
3	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io ssum-sec.casalemedia.com
3	dpm.demdex.net	2 redirects ssum-sec.casalemedia.com
3	um.simpli.fi	2 redirects ads.pubmatic.com
3	sync.e-planning.net	ads.us.e-planning.net eus.rubiconproject.com sync.quantumdex.io
3	sync.richaudience.com	1 redirects ads.us.e-planning.net spl.zeotap.com
3	a.audrte.com	1 redirects ads.us.e-planning.net ads.pubmatic.com
3	ads.us.e-planning.net	2 redirects user-sync.adxpremium.services
3	sync.adtelligent.com	1 redirects s.adtelligent.com
3	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com ssum.casalemedia.com
3	c1.adform.net	2 redirects ads.pubmatic.com
3	acdn.adnxs.com	s.eclick.vn player.aniview.com
3	dmp.adform.net	2 redirects spl.zeotap.com
3	sync.aniview.com	player.aniview.com onetag-sys.com
3	go1.aniview.com	player.aniview.com
3	encrypted-tbn0.gstatic.com	8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
3	8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	usi-saas.vnexpress.net	s1.vnecdn.net
3	vcdn1-kinhdoanh.vnecdn.net	vnexpress.net
3	www.google.de	vnexpress.net
3	vcdn1-suckhoe.vnecdn.net	vnexpress.net
2	cdn-ssl.vidible.tv	acds.prod.vidible.tv player.aniview.com
2	um2.eqads.com	1 redirects ssum.casalemedia.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ads.betweendigital.com	2 redirects
2	loadm.exelator.com	1 redirects ads.pubmatic.com
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	match.bnmla.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.us.e-planning.net
2	beacon.krxd.net	spl.zeotap.com ads.us.e-planning.net
2	bcp.crwdcntrl.net	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	sync.tidaltv.com	2 redirects
2	ssum.casalemedia.com	1 redirects ads.us.e-planning.net
2	ad.turn.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	trc.taboola.com	1 redirects spl.zeotap.com
2	cm.adgrx.com	ads.pubmatic.com ssum.casalemedia.com
2	dsp.adfarm1.adition.com	2 redirects
2	d5p.de17a.com	2 redirects
2	cs.admanmedia.com	2 redirects
2	dmp.rtbsrv.com	2 redirects
2	rtb.openx.net	2 redirects
2	us-u.openx.net	u.openx.net
2	pixel.quantserve.com	2 redirects
2	eu-u.openx.net	u.openx.net
2	user-sync.adxpremium.services	s.eclick.vn user-sync.adxpremium.services
2	u.openx.net	1 redirects s.eclick.vn
2	pixel-eu.rubiconproject.com	2 redirects
2	ad.360yield.com	2 redirects
2	encrypted-tbn3.gstatic.com	8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
2	solution.urekamedia.com	vnexpress.net
2	static.criteo.net	s.eclick.vn static.criteo.net
2	vcdn1-thethao.vnecdn.net	vnexpress.net
2	sync.search.spotxchange.com	1 redirects vnexpress.net
2	analytics.google.com	www.googletagmanager.com
2	mc.yandex.ru	1 redirects vnexpress.net
2	s1cdn.vnecdn.net	vnexpress.net s1.vnecdn.net
1	px.moatads.com	vnexpress.net
1	ads-eu.v.ssp.yahoo.com	vnexpress.net
1	z.moatads.com	cdn-ssl.vidible.tv
1	acds.prod.vidible.tv	player.aniview.com
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	ssc-cms.33across.com	sync.quantumdex.io
1	js.cookieless-data.com	s.e-planning.net
1	sync.ipredictive.com	1 redirects
1	aud.pubmatic.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	tags.crwdcntrl.net	s.e-planning.net
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	spl.zeotap.com
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	pixel.mathtag.com	1 redirects
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	dmp.theadex.com	spl.zeotap.com
1	bn01.er.bemail.it	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	rtb.gumgum.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	pixel.onaudience.com	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ad4m.at	ads.pubmatic.com
1	green.erne.co	1 redirects
1	csync.loopme.me	1 redirects
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	secure-assets.rubiconproject.com	1 redirects
1	prebid-match.dotomi.com	ads.us.e-planning.net
1	tag.navdmp.com	ads.us.e-planning.net
1	pixel.sitescout.com	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	cdn.connectad.io	user-sync.adxpremium.services
1	s.adtelligent.com	user-sync.adxpremium.services
1	ads.yahoo.com	vnexpress.net
1	ads.adpone.com	s.eclick.vn
1	eu-ads.adpone.com	1 redirects
1	rtb.gamoshi.io	player.aniview.com
1	sync.technoratimedia.com	player.aniview.com
1	dmp.urekamedia.com	vnexpress.net
1	6a5f99c19352bb293dfbeba2e59e3d28.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bd.urekamedia.com	player.aniview.com
1	vcdn1-giadinh.vnecdn.net	vnexpress.net
1	vcdn1-giaitri.vnecdn.net	vnexpress.net
1	be9aa53dc887d61241faa8d2b9b10cec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	gw.vnexpress.net	s1.vnecdn.net
1	static.eclick.vn	vnexpress.net
1	bidder.criteo.com	s.eclick.vn
1	hbopenbid.pubmatic.com	s.eclick.vn
1	prebid-asia.creativecdn.com	s.eclick.vn
1	g.eclick.vn	scdn.eclick.vn
1	cdn.fuseplatform.net	cdn.hbplatform.com
1	scdn.eclick.vn	s.eclick.vn
1	cdn.hbplatform.com	vnexpress.net
1	la2.vnecdn.net	vnexpress.net
1	la.vnecdn.net	s1cdn.vnecdn.net
1	ced.sascdn.com	storage.googleapis.com
1	ajax.googleapis.com	storage.googleapis.com
1	api.ipify.org	storage.googleapis.com
1	octopus-stream01-cads.fpt.vn	vnexpress.net
1	logperf.vnexpress.net	vnexpress.net
0	tag.1rx.io Failed	player.aniview.com
0	tag.targeting.unrulymedia.com Failed	player.aniview.com
0	sync.1rx.io Failed	player.aniview.com ads.us.e-planning.net ads.pubmatic.com
0	ureka-d.openx.net Failed	s.eclick.vn
961	197

This site contains links to these domains. Also see Links.

Domain
e.vnexpress.net
video.vnexpress.net
startup.vnexpress.net
vhome.vnexpress.net
vm.vnexpress.net
vrace.vnexpress.net
diemthi.vnexpress.net
kidlab.vnexpress.net
raovat.vnexpress.net
shop.vnexpress.net
pay.vnexpress.net
vlight.vnexpress.net
eclick.vn
ai4vn.vnexpress.net
www.facebook.com
twitter.com
www.youtube.com
appgallery5.huawei.com
click.google-analytics.com
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
*.vnexpress.net GlobalSign GCC R3 DV TLS CA 2020	`2021-01-21` - `2022-02-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.eclick.vn GlobalSign GCC R3 DV TLS CA 2020	`2021-01-21` - `2022-02-22`	a year	crt.sh
*.vnecdn.net Sectigo RSA Domain Validation Secure Server CA	`2019-12-09` - `2022-03-08`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.fpt.vn DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-05-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
*.cdn.fuseplatform.net R3	`2021-05-30` - `2021-08-28`	3 months	crt.sh
cdn.fuseplatform.net GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
dmp.urekamedia.com R3	`2021-05-08` - `2021-08-06`	3 months	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
rtb.gamoshi.io R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-27` - `2021-07-14`	2 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-04-07` - `2021-07-06`	3 months	crt.sh
sync.adtelligent.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.e-planning.net R3	`2021-03-26` - `2021-06-24`	3 months	crt.sh
*.audrte.com Amazon	`2021-01-26` - `2022-02-24`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.redinuid.imrworldwide.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
js.cookieless-data.com R3	`2021-05-15` - `2021-08-13`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
um3.eqads.com Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-01-26` - `2021-07-20`	6 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-05-17` - `2021-11-10`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-08-03`	6 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh

This page contains 192 frames:

Primary Page: https://vnexpress.net/
Frame ID: C2BD8F50F65D7545FCF0B9A99E0B8F06
Requests: 416 HTTP requests in this frame

Frame: https://g.eclick.vn/delivery/eclookup.html?fosp_aid=d4m74kwhd97ui1st.1622772057.des&orig_aid=d4m74kwhd97ui1st.1622772057.des&myvne_user_id=0
Frame ID: 93947AE36B132D67AA562CA4BBA3D91E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKLJYFeENrKWwPCMMTbe_FHd-UyY78CiYoYWdgXYrAucWQ7JILGQO2U7elC2kT96OIIzxdV3xbrzfRBXs5EPsyCIvaPbiI-He8LVpMom-vdCcUvn4uVuPz4c493B5zvgHsXzuxAOSQsZz-xLuBNFN_c_-d4zUUIaxLXkzstKNQ8NsiAPE32nwoYNe_Gw0E7jLGs9o9jFHO4GFuNo50wF3MF25E2IacBVEYnK8OkjewJjzxEyOE185cIYuZkB95p0BRBvQqW0V9ENQPCU8Ecx2onLmahyE5uwx0rpV62FAQLRNzTHMlozG9dkBCXFLwp6mH7Sq5U-t2GQ&sai=AMfl-YS6DcLgGopIWkPHaP_5C9Yymb7k793ero3sjWgyix_NjoyXqrOT-PJFHDYAZNawepJunTt2dmrlFvEZ1ZEVZuvaZFSOvUYDAkiMV71CKnENakUU-c1zcUDZLlRtmbg&sig=Cg0ArKJSzF1PnVUPAtpyEAE&urlfix=1&adurl=
Frame ID: A140EA691A92C634FFA0399AE1BD57E0
Requests: 14 HTTP requests in this frame

Frame: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 67A11F1E6421A25A49357A4235CF9835
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Frame ID: 9F4FD0D52B8255A449134212DE69AF2F
Requests: 17 HTTP requests in this frame

Frame: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FD40A454AA8ED25F279919DAC1EB58F5
Requests: 25 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssWsIVfvE2oW_LMu-1J4oDgucV4h1fIOeBR-J1SJxVu2SaYBfe5oVAqRZ1TIM4kdjJpg5OkB7GIOL6MW68S8OdwdjYRsNkJh1zYS81ZEZR9gy5EDJQZ0BlrBBHyZnbZUnZmVDWwmy75-ud6aLXx6b-RiwZnYfju1qSS-VFwdqUe7bsmF7MV2QVrcxtXp4sCnVKerjI0xykzO4rXaew8zEYyJQLX5yrmky53VGwdCyHTz36XRttxru8iXyiFSjRaiSdKr3sl1Igh7h3srrk1Gy_GvxBh7XXISzkpDJafexD_U8SOnwazequYUYgf9qCtt_d3DXQzZo8sjuKe114Jeua&sig=Cg0ArKJSzIbQH4-sSWk1EAE&urlfix=1&adurl=
Frame ID: 5133C49DE220BA5ACC0A0A9CD65562DB
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Frame ID: 431CFD42D43081F9F800D831068379E8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0F8FE3449D08D2236CC42A71243A1EC0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76CA8C8936E7D81F8E8E4DDA8F3F0E5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js
Frame ID: 60E561ED69AD876FBB7102CD793BA394
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5B2E6659AFFFCB48836C09D714395552
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHr7vhFWmfJQK6an6Q2srYJDdy4r8GhRE8FMTf3JgatT9G5zC7YuKqUBaj9a5WIWZ8u29q4D2ZtYSifobP2TGTE476WinuM-MhBXzKvS_aA3qEDxxvFbC48SUmlpvDKSk4bERazlvNMJ22SIDUFUbq6St5SCftPljkaUBN9SnKqpeyHSlKd-jjriTnG9Fs4T9AaR6Ci7lqgJfSrc__U4qwG0qwGTZdq0TxSUHOVa5EokLerJyhNgv9R9XDzO340mKsMQqLdy_HoFr5kgCuKFQH9S7kONY3W9mIogMXZY2Hc2mPo1DFycydBtSMJlLeq2Rj0AYZLJGuQMPrkg&sig=Cg0ArKJSzGbjuDRFF8BvEAE&urlfix=1&adurl=
Frame ID: 47CCD91C2048E3CE58A7C196E24F1DC2
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Frame ID: DB109F2180235D7B36D3E60096F77C34
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B3F7BD53257807C39D05437BF3D8A022
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2B8FDD6199220BCBDB63CB2C59A6338
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1622772060819-969018789622-028301-005-006512&biddername=22&key=2017cd17-d340-4b54-b804-a6f3b89da7a9
Frame ID: D021E6FEC9927DAEFA922A531FCD4126
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 4C919EB4CE9CC61E744AC2DDBC463228
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1622772060819-969018789622-028301-005-006512&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 27B7611C90C72B1A28B219655BDAB16B
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: 3EB49372CC022CEEE6741267A6EE8D0A
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: D411E04CF65F49707554DC62FB3C36DF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: F16E0808A39D10DEF1D7848B78713B59
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D1%26key%3D
Frame ID: BE31939887AEBB2DC0BA3AF0D3918BCC
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D200%26key%3D%5BRX_UUID%5D
Frame ID: BAF674A362A24E9D28C6AD9F59086212
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Frame ID: CBD1471178660C971C90DAEA9C92AFB2
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1622772061149-967215516622-008534-012-006671&biddername=55&key=141772676130393054
Frame ID: 3DDA5A8CB64386AB83362CB0E27F3159
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 54ED4AA9C517005983EC46EFEFC4C52C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D86325B17A4279CA3A5CB7D8F391A153
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A75B59F78BDDDC658769FD63006961D6
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: F9A6437D888484507B773193FF535F80
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 300D852395345BF4625CF00D82007792
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D73D26A1BC1FB19F06E670800ECC59D8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6C8023978B55D91E019490B2D899B872
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: 8CE8DD1AAFD5A24028FE7959177C76EA
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C014178203AF66704CB583E879DD7FED
Requests: 9 HTTP requests in this frame

Frame: https://ads.adpone.com/index.html
Frame ID: D87592BCA851392F9128713EE754E705
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Frame ID: B5265078C2258ECD5C0D2929FFDF0E27
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E6195A366AF8FEEEAC8D1A41A20D993
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C9C6AC4EAE5786770283DBEE7DF52679
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C757C1AC9355A9BBC7161D01B16E4B65
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: ECF6D7804BFDCFF9941E2241D5319BA6
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=601760
Frame ID: CF6ED888DF2897896727412248159055
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: FB7BEFC17CF885C30BBC4F0B6D142705
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: BF1744990A221026A0FF3852636497C8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3266216A4DB8BF4DDEC3ACE3ADB0643B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1F0E2036BAA8BBD4B3FFD98D1B398D4F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C76E2A7814B32DBF011413DB4367F207
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E7FFB701CAEBE7E5363E5043C07DC04A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 83504A96A9012356451C3CE679600F96
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: AA23D36D7855729A35B44567CE23B6DE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D64BEC6DBABD9500379C7525578621C3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C4E1B36E910F3F44089846D21DA19F4B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 5B3F1F2883895AEB7E8A6681881EC71E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 92293C76D8EBBC9799380330292D8CB0
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 50AD8F875FA9F0568CC21B49F15D0FEB
Requests: 3 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 046ED4C9C5ADFE2F897C19C446A1F903
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 4325ED85E4A98E1985287FFBED6E383D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 857AE7EF03ADD59B8575A39340D798B1
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: F78EF8AD77AB7E41916D8889E305A765
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 411715B52038A55AB09B7DD892D06364
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 995E82231C1633AA91C5E6161EDE0898
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C7AD89BE37D48D174A3E28D7C16CE667
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3B86774877D0AF6C475E0A8928C7A5ED
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 494EA969EB560A2319B5459A7DE5E102
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html
Frame ID: BA6C6C804E006B16E8E1ECE7E8123E43
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 86F873991513216F7EF77E9E261E3E8E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 609BA13EF52A356B372343CE40D83D49
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3DD7075E02D5716E4D5B55FB3DE05516
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Frame ID: 8EBD5F7A92F1EE7553F8B3605CBA9B74
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: E6A7AED4A2ED6005E4E26966F9661D56
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4654c36c83c62387%26uid%3D
Frame ID: B8016E4354A25BE686034506E445A842
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6DB6297FD55DBB7A2276E55FBC0AAA27
Requests: 24 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=9791364A-5D70-4DE7-99E3-E3BC5164F339
Frame ID: 126FBAA0D5F92850370732743C5B80D1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3462424979472878295
Frame ID: F487060D95DB548EA4D8D4BAC7A09695
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: DC493C5C3937CCFA4E0DF0EEB20FF84A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969752960922417300
Frame ID: 4FF000F4FFF19D60133B45A7174B0286
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADYBE7BcxMAADLZlL-lkQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 30E49AFFA71175AC29A06A4B5860B531
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 8CBD85F9648AA6C2627BA80FB1750B4A
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: 6BB62090B68E0B17990F7BC400587CE2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5tptP9nfwUmcIAMEmkALW6v5
Frame ID: 88F3C79AA9A72DD94926D446A4779F51
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: C8359B53C494A78ABC04FD524188728A
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6127977CFB3159EC0A66A9B6A108B877
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: DAA1F55732D9F9B04238F8CBDDF543B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FprGLMAyTnL3&pid=557219
Frame ID: 37847D1A12FFEAA170244213F09B23FA
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7d685cd8-45eb-4822-abf3-e2c583f1e30d-tuct7b30ee2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 9A3257B9D05BA265812505A43E5DE0FC
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=4654c36c83c62387&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339
Frame ID: ADCCE0B194722C5D1927EF02372EF2E5
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Frame ID: 44D2BE60E8126835B95BE61817BBE170
Requests: 9 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361&cmp=0
Frame ID: 9AA228530711175E36683244B70E6B80
Requests: 31 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5C18233E6AAAB34A12C10DB3DEC276A4
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FC71089C07CFA5FD7065700E5108BB58
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 0DA04237292897E9E576E318BA049ACC
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 2ED00CD357D20BA6D112BB80432146AC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 87219A8A341763F14FBAE305FF98A686
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AC613B84240A0C4DED69A21C9AFCA14E
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 5ECA0EC3894A0C0372C0A8BA4B3B7F70
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 52740CAB8E4E3CDE8699731145C22B3B
Requests: 9 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AOkPQCHuLJHhD3UL
Frame ID: 5B772B03602EA516BFCEE299C3D2CD58
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 62F1D022512CA1EBBF00F99B9F90D083
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 5E95F1AE4C634EE05006C06D79F7EBB4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:p7ASOpuU1LOZ955&gdpr=0&gdpr_consent=
Frame ID: 4E8286DE75D3676E4506E2FAC008B29E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pxt1cxW2Q5JTcoo26BJvS8TwOaQ
Frame ID: 85C31EFDFDB8D87AE5B747481737B265
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=56dd738b-56ac-4170-9993-10100673625f
Frame ID: 4B41A3700CB5789FA2869B3C526D7400
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4CCDE0A0FAC94D62B005743F5EC7C30A
Frame ID: C6D65B6CC079DC3012035AD3D55580BE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 00334A9BD1FE735C028C59284074D280
Requests: 5 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 978A79EEA8F3DF7A0C0FB6C2904C6D3F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: A26BFD5CDE47A370B18DCCFC22582B2C
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: FD82679291919AA6916FA60E78E82A05
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339
Frame ID: 2CCAB94BC1A891BCE9A6C371F04BF1C4
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: B44452D0FEA31E4FE63A4014C30625C8
Requests: 2 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=e10f7624-7ab1-4512-acf0-12bfac6aaf68&pblob=
Frame ID: 8C6F24D896735F7EFE7F6B8092D73C49
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0F49CE8B4F9D4313CCA4A809A1DC5CE1
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 43D0BA62D364EAF281DCDD13BDAD4E0A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 9D464A2444A6E938A78BC67517B46AAA
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: A828FDF1A60CF222681271EE1E03499F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 20D9802541AC7C5BF7C276E7417BE8D6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5BDF284CE98DCF59C840A1DB1B06749C
Requests: 1 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: BC0EDFB0C8239FF44D501AF696C62C96
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 33332040BDF866160E70B6222FE565E4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B8A894C74091DBB50BF18D79AFB36B9A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD01984A2E915E0A44A48D84D1036213
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 93A0450647B99CBE14997DA24B52D2D5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6179366521DEB3DD6E1966625D20D3D1
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 496B9D972C2946E690D7A98F380D8933
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 0ED62E6541E66BD0176890C26697A2C7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4B2FA6699A7A53B4FB3284D0A497D856
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 30BCEABA35A0C7ECCDEF02A1673622A9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B3BF9EF98A3E3C3B0C3A99EF1D74B337
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5E40B24702897AF2022CD03FAF49DC7F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: F3A8F1B4D50071F2E1EE235BD72D6E04
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: DDD47886CFF09E9A8EBDCFC6C3B6114A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 208C8135693C1B0949080DDE784490C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4CD2E3031CC0125B0516329092F30856
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 11A2D572D1743B4C67E389BB02CC8767
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 68620028FE9BBAE86F3DB6404C170C67
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: C4654899A75353BA59BC66653EE1852F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: AE1897A41E589FF1995A63DF9335AD26
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9715A71F7B23A5583E2E310DBFB4064E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F8BEF113F38C83CBF8123310D14A1D3F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 55184A84B04BF64173B690F3BF36B8C2
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 406E0F828574097A171D2636EADFA626
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 18FCB14FCB33B67DAAEC0EE487CF90EE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 09C3D3965EAAA90411939E9A98F753B3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9DAA346BAC98D3F9C9D6254D68662635
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B541E785732521B2D3AD016C2F9767AC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C1F00D14585FEFDC27143A4EFD8E71B1
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 3C922AC82B21DBB566BDF5E27C8DAC57
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: D992051BF241A04737B79BC3CE12F3B2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 8BEEF437DBF7AE011887C6A991E567F8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E7B2EBA73482B4D3EDA51B81D63A2556
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 89E6B6FA8C3004A9B7631A814AF83E33
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: F5DF2027EE7F76B898BF1853ACEAE119
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: CAF342E70DE25CE8E11C749722446508
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 029C38D89189FDE8C8E7597849A671F5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 0F632413A7AA5EB7DB6E9B0E44D22495
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 42F6B4DC9D8FA8FCAC6BB27462079AAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DFB22F2796BDC23E6BD07252F9E19C5C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E36B4F6DD2672E6E506ECCFCD4F5CB4A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 124A9D0BA61FC2F5201E80E66D13605E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 37DE3FD00899A52030DF7274C78E2807
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: C2811853C5FDF5A9AF8E47C60C400F2D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FAC7D01E504EAE93139F4C47F4730404
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BA151C735FEC68E94DCB44836DA3B37A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 53A5713D0D3B638D39143E98DB9A3323
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 142714861244DDA6C0386173BE650A9A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: CA8A2E111233CFEC375929DF9138F02D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: F938F68503BC452ED153D3991F6C7828
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AA52916DD77EB6F8470D4E7012C4A91C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B51E12F9E117D713F8D1D101812B00B9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C14A1C59B23EC54D49F8747A9EFE90CF
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FE219624D241AC16F394DDCCC488C169
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: D306C1E3A9816D83837BAF958C758B78
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 8579711954C9324B563BA81BADF58984
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 456A059D90AF18F9D47C00FED9E55853
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8FE5A5B7571EA1179949030BBBD23761
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: EC1FCBAD9851D6D3A0D8BD42FBF468BE
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 05C3C37CBE6469B7D9CD2AA857540160
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: AAFB5BF56FE5AB057CC35ACCD505B89E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: C2071CE02E2DF83135294690B4208191
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A016E6D7D161725665FA321FA6F9D2F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 02522CAA044BC423C7F9BA6214EF09B6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D4915FB357784CEF5F19D779D79F5BA9
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B0F7498290CAD0A12C24F0BE7C5D9A45
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 89F88800B105BFC4FAA99295FD13ACBD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 5E143C96B123B527C4578F1345FAEA25
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EE53773D26837AB077CF7FFE0120972B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3B695BE201EFEFB64B596D171E2AD8AD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BB757DA7B1A4CBB8ED9ADDFBC1180CE3
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 549801CA6EC415D22751F5DA6924741C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: 53E9167C464AD5D0709D369DE2825CC9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html
Frame ID: A6F07C90025257022C05F4D8CEDAFD82
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5727A96FF0573B0668DC2163A54B8DC4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E088AA31CFA601ABED1BB600BC9D1A01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://vnexpress.net/ HTTP 301
https://vnexpress.net/ Page URL
https://vnexpress.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Page Statistics

961
Requests

98 %
HTTPS

32 %
IPv6

108
Domains

197
Subdomains

131
IPs

18
Countries

17262 kB
Transfer

48975 kB
Size

0
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://e.vnexpress.net/
Title: International

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/
Title: Video

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/thoi-su
Title: Thời sự

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/nhip-song
Title: Nhịp sống

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/sports-life
Title: Sports Life

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/food
Title: Food

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/cuoc-song-4-0
Title: Cuộc sống 4.0

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/toi-ke
Title: Tôi kể

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/chuyen-nui-rung
Title: Chuyện núi rừng

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/toa-dam-kinh-te
Title: Tọa đàm kinh tế

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/giai-tri
Title: Giải trí

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/du-lich
Title: Du lịch

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/the-gioi
Title: Thế giới

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/phap-luat
Title: Pháp luật

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/kinh-doanh
Title: Kinh doanh

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/khoa-hoc
Title: Khoa học

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/giao-duc
Title: Giáo dục

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/suc-khoe
Title: Sức khỏe

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/kid-lab
Title: Kid-lab

Search URL Search Domain Scan URL

URL: https://startup.vnexpress.net/
Title: Startup

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/?utm_source=VnExpress_Desktop&utm_medium=KinhDoanh_Menu&utm_campaign=DropMenu_Startup
Title: Vhome

Search URL Search Domain Scan URL

URL: https://vm.vnexpress.net/
Title: VM 2021

Search URL Search Domain Scan URL

URL: https://vrace.vnexpress.net/
Title: V-Race

Search URL Search Domain Scan URL

URL: https://diemthi.vnexpress.net/
Title: Điểm thi

Search URL Search Domain Scan URL

URL: https://diemthi.vnexpress.net/diem-chuan-tuyen-sinh-dai-hoc
Title: Tra cứu đại học

Search URL Search Domain Scan URL

URL: https://kidlab.vnexpress.net/
Title: Kid-lab

Search URL Search Domain Scan URL

URL: https://raovat.vnexpress.net/o-to-xe
Title: Mua bán

Search URL Search Domain Scan URL

URL: https://raovat.vnexpress.net/?utm_campaign=VNEXPRESS&utm_source=footer&utm_medium=menu
Title: Rao vặt

Search URL Search Domain Scan URL

URL: https://shop.vnexpress.net/?utm_campaign=VNEXPRESS&utm_source=footer&utm_medium=menu
Title: Shop VnExpress

Search URL Search Domain Scan URL

URL: https://pay.vnexpress.net/
Title: Pay VnExpress

Search URL Search Domain Scan URL

URL: https://vlight.vnexpress.net/
Title: Mua ảnh VnExpress

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/?utm_source=VnExpress_Desktop&utm_medium=Footer_Menu&utm_campaign=Menu_Home_AllFolder
Title: Vhome

Search URL Search Domain Scan URL

URL: https://eclick.vn/lien-he/?utm_source=VNE&utm_medium=CPC_BOX&utm_campaign=LienHeQuangCao
Title: Quảng cáo

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/tin-tuc/nhip-song/tiep-te-thuc-pham-cho-khu-tam-dich-sai-gon-4288669.html
Title: Tiếp tế thực phẩm cho khu tâm dịch Sài Gòn

Search URL Search Domain Scan URL

URL: https://video.vnexpress.net/tin-tuc/nhip-song/tiep-te-thuc-pham-cho-khu-tam-dich-sai-gon-4288669.html#box_comment_vne
Title: 12

Search URL Search Domain Scan URL

URL: https://vhome.vnexpress.net/?utm_source=VnExpress_Desktop&utm_medium=Home_Menu&utm_campaign=HaVien_KinhDoanh
Title: Vhome

Search URL Search Domain Scan URL

URL: https://ai4vn.vnexpress.net/
Title: AI4VN

Search URL Search Domain Scan URL

URL: https://www.facebook.com/congdongvnexpress/

Search URL Search Domain Scan URL

URL: https://twitter.com/VnEnews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVRqZH5QnrnbMWhElPBD-MQ?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101519049

Search URL Search Domain Scan URL

URL: https://click.google-analytics.com/redirect?tid=UA-41193011-3&url=https%3A%2F%2Fitunes.apple.com%2Fvn%2Fapp%2Fvnexpress-net%2Fid488630446%3Fl%3Dvi%26mt%3D8&aid=net.vnexpress.iphone&idfa={idfa}&cs=google&cm=cpc&anid=admob&hash=md5

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fr.playsoft.vnexpress&referrer=utm_source%3Dgoogle%26utm_medium%3Dbanner%26anid%3Dadmob

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101530095

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/vn/app/vnexpress-international/id1435726486?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=fo.vnexpress.eng

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vnexpress.net/ HTTP 301
https://vnexpress.net/ Page URL
https://vnexpress.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://vnexpress.net/ HTTP 301
https://vnexpress.net/

Request Chain 66

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9293.maZL4Ffulb6wcqo5DJguDnXFPaqhZ-PWkhbLXoUxR3OgGgRm7Asr-Xy1D8hvepf2.7mrKl8hUk8AvTuf9Eyb56veFoO8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9293.0R3G-OzEp5pqoncvpgSwUm0uHPSrK670WwC8gVZbFjL3SQNYdf82m63tX9wW9xj6nyeorFipdnZne2Iisq9w_g%2C%2C.bpqXGAq6SBYHl4Tlz8rGqEQhVTA%2C

Request Chain 72

https://mc.yandex.com/watch/62978707?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A299%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A1409973049683%3Ahid%3A177172772%3Az%3A120%3Ai%3A20210604040057%3Aet%3A1622772057%3Ac%3A1%3Arn%3A752354595%3Au%3A16227720571054713009%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622772056828%3Ads%3A0%2C0%2C235%2C203%2C1%2C0%2C%2C244%2C0%2C%2C%2C%2C490%3Adsn%3A0%2C0%2C235%2C203%2C0%2C0%2C%2C50%2C0%2C%2C%2C%2C490%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622772058%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t HTTP 302
https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A299%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A1409973049683%3Ahid%3A177172772%3Az%3A120%3Ai%3A20210604040057%3Aet%3A1622772057%3Ac%3A1%3Arn%3A752354595%3Au%3A16227720571054713009%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622772056828%3Ads%3A0%2C0%2C235%2C203%2C1%2C0%2C%2C244%2C0%2C%2C%2C%2C490%3Adsn%3A0%2C0%2C235%2C203%2C0%2C0%2C%2C50%2C0%2C%2C%2C%2C490%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622772058%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t

Request Chain 91

https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5 HTTP 302
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=b48b01fd-c4d8-11eb-86a4-1708f5200206

Request Chain 254

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1622772060819-969018789622-028301-005-006512&biddername=22&key=2017cd17-d340-4b54-b804-a6f3b89da7a9

Request Chain 269

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772061149-967215516622-008534-012-006671%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1622772061149-967215516622-008534-012-006671%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1622772061149-967215516622-008534-012-006671&biddername=55&key=141772676130393054

Request Chain 290

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/fd6260b9-895d-4c00-b58f-aab0a8711566

Request Chain 291

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag HTTP 302
https://onetag-sys.com/sync/i,2/KPHOL4K3-6-43Q0

Request Chain 292

https://dmp.adform.net/serving/cookie/match?party=1167&cid=Ep32HRy8vmDenFTCkp1ifo6P6dn16E7PYggIRmlff2g HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=Ep32HRy8vmDenFTCkp1ifo6P6dn16E7PYggIRmlff2g HTTP 302
https://onetag-sys.com/sync/i,34/6354053604714367167

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEH2_Y509hE0V7WPP8_xG12w&google_cver=1

Request Chain 296

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=536177cc-28b9-47af-b08e-8f615acda350&ttl=1625364062

Request Chain 297

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Donetag%26bsw_param%3D83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=fd6260b9-895d-4c00-b58f-aab0a8711566&expires=30&ssp=onetag&bsw_param=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=&us_privacy=

Request Chain 315

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 317

https://eu-ads.adpone.com/ HTTP 301
https://ads.adpone.com/index.html

Request Chain 321

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=536177cc-28b9-47af-b08e-8f615acda350&_origin=1&gdpr=1&gdpr_consent=

Request Chain 322

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb6a52bbd-c4d8-11eb-8cdb-02770eac6a52 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb6a52bbd-c4d8-11eb-8cdb-02770eac6a52&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBiNmE1MmJiZC1jNGQ4LTExZWItOGNkYi0wMjc3MGVhYzZhNTI%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEOYFd5fnzdMxVhUkRjyho_o&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEOYFd5fnzdMxVhUkRjyho_o&google_cver=1&apid=UPb6a52bbd-c4d8-11eb-8cdb-02770eac6a52

Request Chain 323

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YLmJXgABUDA36gBg

Request Chain 327

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fd6260b9-895d-4c00-b58f-aab0a8711566

Request Chain 328

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=aLJKXGa7HQBzthAHP7EFVWyzGlBztx4Babse4WZC

Request Chain 329

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6354053604714367167

Request Chain 332

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELvaM725qPFjTGWTCrhdJe0&google_cver=1

Request Chain 343

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHLTVtA79_AIztRnIogFahs&google_cver=1

Request Chain 344

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YLmJXgABiB9EuQA4 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLmJXgABiB9EuQA4&_test=YLmJXgABiB9EuQA4

Request Chain 345

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BIT0w0SzMtNi00M1Ew

Request Chain 346

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ0NmI2ZTg3NTZkYTI0ZGRhYmE3ZGQ1OTg3NTJkMjJkMzUxOTE2Mg

Request Chain 347

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=fd6260b9-895d-4c00-b58f-aab0a8711566

Request Chain 349

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPHOL4K3-6-43Q0&sigv=1&esig=2~d0443d8fdd20c8c65efdf365fc5c77e056717109

Request Chain 350

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/uNChqr26sj_zrHocf3TE_g?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8982968478341327657

Request Chain 372

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e51cfda6-693f-47c7-a8ff-6a14a4856630

Request Chain 373

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=655791726943216767

Request Chain 374

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D HTTP 302
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=b6ab8613e6a1ac10

Request Chain 427

https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D HTTP 302
https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=GgCCIAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9Fcr3J99 HTTP 302
https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=655791726943216767&mpk=GgCCIAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2cu0Wdp1WZyBHekFmLiRncGJTJGJTJBNTJzBHd0hWP0NWZylGZlJnJx0jcwR2ZmgTOy0DZp9Fcr3J99 HTTP 302
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=655791726943216767

Request Chain 450

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID

Request Chain 452

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4654c36c83c62387 HTTP 302
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4654c36c83c62387

Request Chain 457

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4654c36c83c62387%26uid%3D%24%7BUID%7D HTTP 302
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4654c36c83c62387&uid=e51cfda6-693f-47c7-a8ff-6a14a4856630

Request Chain 461

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4654c36c83c62387 HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F

Request Chain 462

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4654c36c83c62387%26uid%3D%24UID HTTP 302
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4654c36c83c62387&uid=655791726943216767

Request Chain 464

https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-GMHYAb9E2uFIl05DiWKmHSf2.r5SKHZfxIcsEyc-~A

Request Chain 465

https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4654c36c83c62387%26uid%3D%7B%24UID%7D HTTP 302
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4654c36c83c62387&uid=9a4adf7533dc217de2293d5fb76b49e49337c1c7

Request Chain 467

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Request Chain 483

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3462424979472878295

Request Chain 485

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969752960922417300

Request Chain 486

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWUJFN0JjeE1BQURMWmxMLWxrUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADYBE7BcxMAADLZlL-lkQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 487

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 489

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5tptP9nfwUmcIAMEmkALW6v5

Request Chain 492

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 493

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FprGLMAyTnL3&pid=557219

Request Chain 494

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7d685cd8-45eb-4822-abf3-e2c583f1e30d-tuct7b30ee2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 496

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l5E2Sl1wTeeZ4-O8UWTzOQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 497

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fd6260b9-895d-4c00-b58f-aab0a8711566

Request Chain 498

https://pixel.onaudience.com/?partner=214&mapped=9791364A-5D70-4DE7-99E3-E3BC5164F339 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=c8786159272a4c1a

Request Chain 499

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTc5MTM2NEEtNUQ3MC00REU3LTk5RTMtRTNCQzUxNjRGMzM5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 500

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAgunsZe1UStbZDbewe4WU&google_cver=1

Request Chain 502

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6354053604714367167

Request Chain 503

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fd6260b9-895d-4c00-b58f-aab0a8711566&gdpr=0&gdpr_consent=

Request Chain 504

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=536177cc-28b9-47af-b08e-8f615acda350

Request Chain 505

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=655791726943216767&gdpr=0&gdpr_consent=

Request Chain 507

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KEviZoFE2uXc6mJryY1r8ptPfLRDr5M-~A&gdpr=0&gdpr_consent=

Request Chain 508

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ

Request Chain 509

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 510

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLmJXgABiB9EuQA4&gdpr=0&gdpr_consent=

Request Chain 511

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9088721734973394273&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 512

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2e890f60-accd-4231-bd07-d9ec617de7c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 514

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 515

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=655791726943216767

Request Chain 516

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_f97e89ad-2cec-4f2b-be5d-3ffe71b00806

Request Chain 517

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1

Request Chain 523

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186 HTTP 302
https://sync.e-planning.net/um?uid=KPHOL4K3-6-43Q0&dc=9bcc91305985f0db&iss=1

Request Chain 525

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESED-hPF7-cQlLXF_UxnRxn-k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 526

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=0fc70080-124f-472c-8edd-8854364bcc09&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 528

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=536177cc-28b9-47af-b08e-8f615acda350&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 532

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=c8079880-3736-41e4-8e20-71ab047a948a&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 533

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1a4ff3a5-5629-4180-63a2-59891f08cd19&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1a4ff3a5-5629-4180-63a2-59891f08cd19&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=29802880632665058933582141027718999827&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 535

https://bn01.er.bemail.it/zeotap.php?_bid=1a4ff3a5-5629-4180-63a2-59891f08cd19&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=BE1-2021060404-65913-0.510130001622772068-021840a42fa65a44433f2f47a03d6bb2&zdid=533&env=mWeb

Request Chain 536

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=6969752960922679444&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 537

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=1a4ff3a5-5629-4180-63a2-59891f08cd19 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1a4ff3a5-5629-4180-63a2-59891f08cd19

Request Chain 538

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1a4ff3a5-5629-4180-63a2-59891f08cd19&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1a4ff3a5-5629-4180-63a2-59891f08cd19&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361&bounce=1&random=1959170345 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=3EXDnMGoOyDgRwc656aA3e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 540

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1a4ff3a5-5629-4180-63a2-59891f08cd19?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=1a4ff3a5-5629-4180-63a2-59891f08cd19?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=e3cbda4a3a0ae2318fc27d777e0b117c&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 541

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-oBmroA1E2oo3dWskrygQ0ztUvLJUwOyTCQ--~A&zpartnerid=570&env=mWeb

Request Chain 542

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ff9l181Aflt0LHUgwPtf3%2F0%2FgUEbeQ6t%2BS41iYitP1U%3D

Request Chain 546

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YLmJXgABiB9EuQA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 547

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=fd6260b9-895d-4c00-b58f-aab0a8711566&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Request Chain 548

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OKQKyF1i&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=1a4ff3a5-5629-4180-63a2-59891f08cd19

Request Chain 549

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1a4ff3a5-5629-4180-63a2-59891f08cd19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1a4ff3a5-5629-4180-63a2-59891f08cd19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361&dcc=t

Request Chain 569

https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID HTTP 302
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AOkPQCHuLJHhD3UL

Request Chain 571

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 572

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:p7ASOpuU1LOZ955&gdpr=0&gdpr_consent=

Request Chain 573

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pxt1cxW2Q5JTcoo26BJvS8TwOaQ

Request Chain 574

https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
https://match.bnmla.com/usersync?dspid=6&uuid=C6571DA7A18D4B97BB35BB88E030C2B9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=56dd738b-56ac-4170-9993-10100673625f

Request Chain 575

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4CCDE0A0FAC94D62B005743F5EC7C30A

Request Chain 576

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9791364A-5D70-4DE7-99E3-E3BC5164F339&addseg=19,36,42

Request Chain 577

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9791364A-5D70-4DE7-99E3-E3BC5164F339&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9791364A-5D70-4DE7-99E3-E3BC5164F339&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 579

https://loadm.exelator.com/load/?p=204&g=71&buid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=0&gdpr_consent=&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=71&buid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

Request Chain 580

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bfcb1713-c4d8-11eb-bdfa-8bc0de1c9fb7&gdpr=0&gdpr_consent=

Request Chain 582

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-GMHYAb9E2uFIl05DiWKmHSf2.r5SKHZfxIcsEyc-~A

Request Chain 583

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=655791726943216767

Request Chain 584

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=655791726943216767

Request Chain 585

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=f453d049-cae5-529b-a628-57f0c691de98

Request Chain 587

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=adman&uid=9a4adf7533dc217de2293d5fb76b49e49337c1c7

Request Chain 588

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=655791726943216767

Request Chain 592

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 594

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=536177cc-28b9-47af-b08e-8f615acda350&ttl=1625364065

Request Chain 600

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB&dcc=t

Request Chain 601

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLmJYtQ9GfbVtRnS2n9s8wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBEjMl4hVM9AvT1dmVQWawg&google_cver=1&gdpr=1

Request Chain 602

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIcyXoAcVc1dr8ukx1ERBIU&google_cver=1

Request Chain 605

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bahfSC6J1LOZ965&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bahfSC6J1LOZ965&gdpr=1&C=1

Request Chain 612

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339 HTTP 302
https://a.audrte.com/p

Request Chain 615

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYBE7BcxMAADLZlL-lkQ&expiration=1623981669&gdpr=1

Request Chain 616

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fd6260b9-895d-4c00-b58f-aab0a8711566&gdpr=1&gdpr_consent=

Request Chain 618

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLmJZNspkxR-NUKkLj.b1QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBEjMl4hVM9AvT1dmVQWawg&google_cver=1&gdpr=1&google_hm=2

Request Chain 620

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9088721734973394273

Request Chain 622

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 641

https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=2772061224&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=196.240.57.164&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=52.46350&lon=13.37920&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=2772061224&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=196.240.57.164&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=52.46350&lon=13.37920&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400&a.y_rid=7afc725d-4e70-4afd-b869-ebf5a23bffc4&a.is_yahoo=3&redirect_y=dHM9MTYyMjc3MjA2OTc1Ny43NTgzMDE6YXBpZD1VUGI2YTUyYmJkLWM0ZDgtMTFlYi04Y2RiLTAyNzcwZWFjNmE1MjpyZXF1ZXN0X2lkPTdhZmM3MjVkLTRlNzAtNGFmZC1iODY5LWViZjVhMjNiZmZjNA==

961 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
vnexpress.net/
Redirect Chain

http://vnexpress.net/
https://vnexpress.net/

178 KB
37 KB

894ms
243ms

Document
text/html

111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

577whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: vnexpress.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: device_env=4; Expires=Fri, 04 Jun 2021 10:00:56; Domain=.vnexpress.net; Path=/
v-cache: VNE4
cache-control: max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag: W/"d9632bab3291dd287a7c8c0ed8de3aa3"
server: 577whgldd10bf7c7468e873e79ba2ad139
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

Date: Fri, 04 Jun 2021 02:00:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://vnexpress.net/
Server: 577whgldd10bf7c7468e873e79ba2ad139
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET eclick.js
s.eclick.vn/delivery/ 0
0

GET
H2 200 gpt.js
www.googletagservices.com/tag/js/ 62 KB
21 KB 61ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 808 of 1000 / last-modified: 1622758190"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:56 GMT

GET dfpbrand.js
s.eclick.vn/delivery/dfp/ 0
0

GET prebid.js
s.eclick.vn/delivery/dfp/ 0
0

GET gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
0

GET ov_pc_vne_home_home.js
s.eclick.vn/delivery/dfp/ 0
0

GET 1000000.js
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/blocks/site/ 0
0

GET gtm.js
www.googletagmanager.com/ 0
0

GET analytics.js
www.google-analytics.com/ 0
0

GET
H2 200 Primary Request / Show response
vnexpress.net/ 178 KB
37 KB 236ms
235ms Document
text/html 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

577whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

3bccc3b4ae50c42fb624ad6deee20bf32edff96d7d67c4ae539027a9c343a089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: vnexpress.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: device_env=4; sw_version=1; _efr=1622772000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 02:00:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
v-cache: VNE4
cache-control: max-age=60, stale-while-revalidate=6, stale-if-error=864000, private
etag: W/"d9632bab3291dd287a7c8c0ed8de3aa3"
server: 577whgldd10bf7c7468e873e79ba2ad139
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

GET perf
logperf.vnexpress.net/ 0
0

GET
H2 200 eclick.js Show response
s.eclick.vn/delivery/ 537 B
582 B 700ms
231ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/eclick.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_43 /
Resource Hash: 6f95aa4d0f7e2770465337f912f435d712d620a0b4458d2c0afb3f1644ca72ba

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 04:38:42 GMT
server: FPT-static_eclick_141_43
etag: W/"60a5e7d2-219"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0, static_eclick_141_43,no-cache
expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 55ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 51 of 1000 / last-modified: 1622758190"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H2 200 dfpbrand.js Show response
s.eclick.vn/delivery/dfp/ 69 KB
25 KB 888ms
435ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/dfpbrand.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_43 /
Resource Hash: 50f279761c523938ab4343556f143bb1ac4bd3874aa2c4e95b6d3b4ae5f5fab6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 03:42:25 GMT
server: FPT-static_eclick_141_43
etag: W/"60b84fa1-115c9"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Fri, 04 Jun 2021 03:00:57 GMT

GET
H2 200 prebid.js Show response
s.eclick.vn/delivery/dfp/ 291 KB
91 KB 1084ms
631ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/prebid.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_43 /
Resource Hash: 4b9567f947e6f537c8c6858b78d5f31598d63aeb8e9013709494ce3a22fca803

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 03:58:02 GMT
server: FPT-static_eclick_141_43
etag: W/"6046f24a-48d9c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Fri, 04 Jun 2021 03:00:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 136ms
52ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

b1b210746f3af2466e7dfa40e9f0472ba8d6779131adf856792002d857cea0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 298 of 1000 / last-modified: 1622758284"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H2 200 ov_pc_vne_home_home.js Show response
s.eclick.vn/delivery/dfp/ 106 KB
20 KB 1288ms
835ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_43 /
Resource Hash: cd7f7ccc5bd9430069c8ab0ee21279ef536cd7a6f25f266fec86655468393280

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 09:25:46 GMT
server: FPT-static_eclick_141_43
etag: W/"60b0b71a-1a78f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
expires: Fri, 04 Jun 2021 03:00:57 GMT

GET
H2 200 1000000.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/blocks/site/ 155 KB
33 KB 1271ms
834ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/blocks/site/1000000.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 1406d6721214263c0df42d8a2be9ec16531dacc36403dc3054997ea856dabab7

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 04:10:43 GMT
etag: W/"60adca43-26ac9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:57 GMT

GET
H2 200 general-file.css
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/ 117 KB
21 KB 671ms
221ms Stylesheet
text/css 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/general-file.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: da08e3c9ffa013580c65b3b8da2f39f3f866a96408b3df35e7d343d149899847

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 04:52:12 GMT
etag: W/"60af257c-1d4d4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:57 GMT

GET
H2 200 vod.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/ 1 KB
779 B 1271ms
834ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/vod.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:32 GMT
etag: W/"60934550-446"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:57 GMT

GET
H2 200 logo.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 5 KB
5 KB 869ms
432ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/logo.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-13b6"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5046
expires: Sun, 05 Jun 2022 02:00:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 310 KB
52 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23c1f17c29f9c7ae5dc0ff54fb68e92d3e71ea82923a325399ad462f377f2a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53556
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2974
date: Fri, 04 Jun 2021 01:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 04 Jun 2021 03:11:23 GMT

GET
H/1.1 200
OK perf
logperf.vnexpress.net/ 0
0 1276ms
425ms Image
text/html 180.148.129.21
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1622772000000&timecookie=1622772000000&timeclient=1622790057000&action=no_reload
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.129.21 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 avmLibrary.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/library/ 16 KB
17 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 434762a76dfd6af3bdeeb1f2de8dad923633467deb93e7c15ac71cd87e5b99df

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:21 GMT
content-encoding
age: 36
x-guploader-uploadid: ABg5-Uy6Jsy8RdJeeKu3AzZOPrBZZlG6QG4N0BJ1Fdyt3rm4GBSb6aGcxpUnLZ75UVLOSHu5SK5KBjtqHoOi8fz5BQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 1
x-goog-stored-content-encoding
content-disposition
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16656
x-goog-meta-
last-modified: Tue, 11 Aug 2020 07:31:10 GMT
server: UploadServer
etag: "9dfc4ebc8c94abdb09c9fb98143eff5e"
x-goog-hash: crc32c=61K1/A==, md5=nfxOvIyUq9sJyfuYFD7/Xg==
content-language
x-goog-generation: 1597131070573686
cache-control: public, max-age=60
x-goog-stored-content-length: 16656
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 04 Jun 2021 02:01:21 GMT

GET
H2 200 icon-vne.svg Show response
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/images/graphics/ 57 KB
57 KB 668ms
220ms XHR
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/images/graphics/icon-vne.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-e3ec"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 58348
expires: Sun, 05 Jun 2022 02:00:57 GMT

GET
H2 200 category.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/config/ 42 KB
9 KB 591ms
591ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/config/category.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 82164fb5aefd701319705aaf466529fb2ac1a91e6219bced5c1d02b594efba75

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 08:21:53 GMT
etag: W/"60b89121-a959"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:57 GMT

GET
H2 200 banner_tiepsuc_tamdich_home_pc.jpg
s1.vnecdn.net/vnexpress/restruct/i/v391/banner/ 73 KB
73 KB 852ms
434ms Image
image/jpeg 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/banner/banner_tiepsuc_tamdich_home_pc.jpg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 0c84cf92322d1cced22a12ae95bb96fb0758c950f9fde7476934ec5915787005

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
last-modified: Sat, 08 May 2021 07:41:49 GMT
etag: "609640bd-12419"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 74777
expires: Sun, 05 Jun 2022 02:00:57 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 fonts.css
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/ 971 B
521 B 846ms
431ms Stylesheet
text/css 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: d54b99754769e4c871583c276d4fae52d6fe493fa188ac09027a9deec6c46c7c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: W/"609344f4-3cb"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:57 GMT

GET
H2 200 ca-nhie-m-qua-n-11-jpeg-162276-3423-4164-1622765735.jpg
vcdn1-suckhoe.vnecdn.net/2021/06/04/ 95 KB
96 KB 22ms
6ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-suckhoe.vnecdn.net/2021/06/04/ca-nhie-m-qua-n-11-jpeg-162276-3423-4164-1622765735.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=lPATOmJashF4rx1b99jKxg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2aa8d95323b55e841fd9dcb2b8989f31389601780cece276acb938d8fe7ff92e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
last-modified: Fri, 04 Jun 2021 00:15:46 GMT
server: keycdn-engine
link: <http://i1-suckhoe.vnecdn.net/2021/06/04/ca-nhie-m-qua-n-11-jpeg-162276-3423-4164-1622765735.jpg?w=680&h=408&q=100&dpr=1&fit=crop&s=lPATOmJashF4rx1b99jKxg>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 97492
expires: Sat, 04 Jun 2022 07:49:57 GMT

GET
H2 200 ngothiphuonglepng-1527792998.png
vcdn1-vnexpress.vnecdn.net/2018/06/01/ 17 KB
18 KB 342ms
18ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2018/06/01/ngothiphuonglepng-1527792998.png?w=100&h=100&q=100&dpr=1&fit=crop&s=9U-LZyiOsvZ4TyiBWkd_kg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 757319d72d19e7b6cb63668eae4b99a71034b21823786c4efce125f8de370b5d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
x-edge-location: defr
x-cache: MISS, HIT
content-length: 17597
x-shield: active
last-modified: Thu, 03 Jun 2021 12:18:53 GMT
server: keycdn-engine
x-handle: 242-19
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/png
link: <http://i1-vnexpress.vnecdn.net/2018/06/01/ngothiphuonglepng-1527792998.png?w=100&h=100&q=100&dpr=1&fit=crop&s=9U-LZyiOsvZ4TyiBWkd_kg>; rel="canonical"
expires: Sat, 04 Jun 2022 07:49:57 GMT

GET
H2 200 LVT4195-1622754779-5045-1622754789.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 30 KB
31 KB 331ms
7ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/LVT4195-1622754779-5045-1622754789.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=mUqSsBGZPQlQ6nhPUdkUEg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 99329996a19d8a59a41e8f7478ef9d81801a9a860a5f51c4a3bdc34d87740d88

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
last-modified: Thu, 03 Jun 2021 21:13:26 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/LVT4195-1622754779-5045-1622754789.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=mUqSsBGZPQlQ6nhPUdkUEg>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 30918
expires: Sat, 04 Jun 2022 07:49:57 GMT

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
109 KB 53ms
53ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81fe9a946760a9f9d2eca616813e56efd907416d3d45971a28794b905adf84ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46795
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
46 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83943b7860887d42283f38d38ba313f207ec1c32b3fd45fd89d08507f17c50bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46841
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:57 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-50285069-28&cid=653929922.1622772057&jid=503882993&gjid=706174781&_gid=361810233.1622772057&_u=aGDAgEABAAAAAE~&z=1256990205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Jun 2021 02:00:57 GMT
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 103 KB
38 KB 50ms
48ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P5FWR6V&t=gtm9&cid=653929922.1622772057

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cd5b2f45611b3d5d531af9937c7bec0a64c9f1f4f84e54638807e1376a984e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38530
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H2 200 ea3.js Show response
s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ 36 KB
14 KB 9ms
7ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2158f6295fd6de1f85e8230b955e5707d717af210d28722ba3f194e9a07f5b12

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Wed, 14 Apr 2021 07:38:01 GMT
server: keycdn-engine
etag: W/"60769bd9-8e99"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js>; rel="canonical"
expires: Sat, 04 Jun 2022 07:49:57 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 217 KB
69 KB 44ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

472c14b69dab114052924354027353019f4c1e5372c1c28be768be17b227192e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: br
last-modified: Thu, 03 Jun 2021 20:58:15 GMT
etag: "60b77459-113b0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70576
expires: Fri, 04 Jun 2021 03:00:57 GMT

GET
H/1.1 200
OK cdp.js
octopus-stream01-cads.fpt.vn/ 97 KB
0 7450ms
300ms Script
application/javascript 1.55.119.34
FPT-AS-AP The Cor...

General

Check archive.org

Show headers Download Go to

Full URL: https://octopus-stream01-cads.fpt.vn/cdp.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 1.55.119.34 Ho Chi Minh City, Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:04 GMT
Last-Modified: Wed, 19 May 2021 07:24:28 GMT
Server: nginx
ETag: "60a4bd2c-20170"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 131440

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
18ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=702914869&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAB~&jid=503882993&gjid=706174781&cid=653929922.1622772057&tid=UA-50285069-28&_gid=361810233.1622772057&gtm=2wg621N3FNJF&cg1=Home&cg4=Home&cd1=1000000&cd8=Home&cd17=No&cd19=Web&cd22=1&cd24=0&cd27=Home&cd37=&cd55=653929922.1622772057&z=1696985455

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Jun 2021 13:37:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44583
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-50285069-28&cid=653929922.1622772057&jid=503882993&_u=aGDAgEABAAAAAE~&z=427727091

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 28ms
28ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-50285069-28&cid=653929922.1622772057&jid=503882993&_u=aGDAgEABAAAAAE~&z=427727091

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 46 B
230 B 479ms
122ms Script
application/javascript 54.235.175.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=adAsiaTM.writeIpData
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.175.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-175-90.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 8374e6b757753b8997151eaba0f58b2759b36d9a75ce6b5fdf522465a8f32284

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:00:57 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 46
Vary: Origin
Content-Type: application/javascript

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
94 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 23:24:35 GMT
x-content-type-options: nosniff
age: 9382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95931
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jun 2022 23:24:35 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2060/ 35 KB
12 KB 195ms
34ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/2060/smart.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f4a1f2dfe79b751c36aca5e01379145e3842614d4363b6384267f0b514abd133

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:00:57 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=213
Content-Length: 12553
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H3-29 200 atmSticky.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/library/ 6 KB
6 KB 36ms
8ms Script
application/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/atmSticky.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 57b34107b8f7999e55b91489c92d84cb8b966dc48efaf173ea6e3333b39ef1c9

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:06 GMT
age: 411
x-guploader-uploadid: ABg5-UxhGAyqlSdYHx6hkZTtmtnAbFEo8Q2GsIvgPHWqip8NkVre4LE5uLRr78Pnfabr5Ix_vlOnc5_woowMS7SmbLM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
last-modified: Fri, 24 Aug 2018 08:30:39 GMT
server: UploadServer
etag: "0f158b74b82b73279189624ff4bee981"
x-goog-hash: crc32c=HUYPNw==, md5=DxWLdLgrcyeRiWJP9L7pgQ==
x-goog-generation: 1535099439593447
cache-control: public, max-age=31536000
x-goog-stored-content-length: 6232
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 04 Jun 2022 01:54:06 GMT

GET
H3-29 200 domain.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 11 KB
11 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/domain.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 693fbd0ab5fc53069137459b79a060d087dc2a1ce0c5e13277297799a38ce621

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:49:40 GMT
age: 677
x-guploader-uploadid: ABg5-UxVI-w0YLaR3jwzXiHuzXRXAbfmVCF1zudFqo0ppMbZU7B1HsZW--B33VYAloZ83q7I75U0C4wz3B0ysLG-WrE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11525
last-modified: Tue, 27 Oct 2020 09:28:39 GMT
server: UploadServer
etag: "9ea740f3ffa53339fa0a55540ed53fd8"
x-goog-hash: crc32c=IZZ5fQ==, md5=nqdA8/+lMzn6ClVUDtU/2A==
x-goog-generation: 1603790919481748
cache-control: public, max-age=3600
x-goog-stored-content-length: 11525
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 04 Jun 2021 02:49:40 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
70 B 26ms
25ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DQJ7NF9DN2&gtm=2oe621&_p=702914869&sr=1600x1200&_gaz=1&ul=en-us&cid=653929922.1622772057&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1622772057&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
stats.g.doubleclick.net/g/ 0
17 B 39ms
18ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQJ7NF9DN2&cid=653929922.1622772057&gtm=2oe621&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQJ7NF9DN2&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQJ7NF9DN2&cid=653929922.1622772057&gtm=2oe621&aip=1&z=195638224

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
analytics.google.com/g/ 0
17 B 26ms
26ms Ping
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-57577CKS2C&gtm=2oe621&_p=702914869&sr=1600x1200&_gaz=1&ul=en-us&cid=653929922.1622772057&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&dr=https%3A%2F%2Fvnexpress.net%2F&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sid=1622772057&sct=1&seg=0&en=page_view&_fv=2&_ss=1&_c=1&ep.vn_segment=%7Bvn_segment%7D%7D&up.page_category=Home&up.page_category_id=1000000&up.page_subcategory_id=&up.page_type=Home&up.page_platform=Web&up.user_logged_in=No
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
stats.g.doubleclick.net/g/ 0
17 B 23ms
18ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-57577CKS2C&cid=653929922.1622772057&gtm=2oe621&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57577CKS2C&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57577CKS2C&cid=653929922.1622772057&gtm=2oe621&aip=1&z=1338568502

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bad.js Show response
s.eclick.vn/ 17 B
258 B 612ms
611ms Script
application/x-javascript 111.65.249.130
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.eclick.vn/bad.js
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_43 /
Resource Hash: ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: gzip
last-modified: Sun, 09 Aug 2020 14:01:42 GMT
server: FPT-static_eclick_141_43
etag: W/"5f3001c6-11"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
expires: Sat, 05 Jun 2021 02:00:57 GMT

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 110 B
886 B 672ms
223ms XHR
application/json 111.65.249.227
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_aid=d4m74kwhd97ui1st.1622772057.des&orig_aid=d4m74kwhd97ui1st.1622772057.des&myvne_user_id=0
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.227 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 179eb59a05741f19c91f25c503fbb3d6927c82424a63afce8e04d49422f14690

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:00:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Jun 2021 09:00:57 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H/1.1 200
OK get Show response
la.vnecdn.net/ 288 B
474 B 914ms
239ms Script
application/javascript 180.148.141.233
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://la.vnecdn.net/get?action_name=vnexpress.net%2FVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&idsite=6&rec=1&r=376431&h=4&m=0&s=57&url=https%3A%2F%2Fvnexpress.net%2F&urlref=https%3A%2F%2Fvnexpress.net%2F&_id=3b6462135f0ad0b4&_idts=1622772057&_idvc=1&_idn=1&_refts=0&_viewts=1622772057&cvar=%7B%222%22%3A%5B%22tt_category_id%22%2C%221000000%22%5D%2C%223%22%3A%5B%22tt_article_id%22%2C%221000000%22%5D%2C%226%22%3A%5B%22keyword%22%2C%22VnExpress%2C%20tin%20t%E1%BB%A9c%2C%20tin%20the%20gioi%2C%20tin%20nhanh%2C%20tin%20tuc%20viet%20nam%2C%20doc%20bao%20VnExpress%20tin%20t%E1%BB%A9c%20m%E1%BB%9Bi%20nh%E1%BA%A5t%20-%20Th%C3%B4ng%20tin%20nhanh%20%26%20ch%C3%ADnh%20x%C3%A1c%20%C4%91%C6%B0%E1%BB%A3c%20c%E1%BA%ADp%20nh%E1%BA%ADt%20h%C3%A0ng%20gi%E1%BB%9D.%20%C4%90%E1%BB%8Dc%20b%C3%A1o%20tin%20t%E1%BB%A9c%20online%20Vi%E1%BB%87t%20Nam%20%26%20Th%E1%BA%BF%20gi%E1%BB%9Bi%20n%C3%B3ng%20%22%5D%7D&cookie=1&res=1600x1200&_cvar=%7B%224%22%3A%5B%22fosp_aid%22%2C%22d4m74kwhd97ui1st.1622772057.des%22%5D%7D&fosp_id=d4m74kwhd97ui1st.1622772057.des
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.141.233 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: /
Resource Hash: 747163455190e84b87c56b3d381fa90c287880248c78ca43c8fb6596c30ee341

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/javascript
Content-Length: 288
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE IND PHY ONL COM NAV OTC NOI DSP COR IDC'

GET
H/1.1 204
No Content get
la2.vnecdn.net/ 0
197 B 675ms
223ms Image
text/plain 180.148.132.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://la2.vnecdn.net/get?app_id=100&ss_id=0&pg_id=e9ac808bbb3109122a71d86afc52b4b7&site_id=1000000&page_type=1&idsite=1000000&type=site&fid=1000000&aid=1000000&fosp_aid=d4m74kwhd97ui1st.1622772057.des&orig_aid=d4m74kwhd97ui1st.1622772057.des&fosp_country=&fosp_gender=&fosp_ip=&fosp_isp=&fosp_zone=&fosp_location=&adblock=0&myvne_user_id=0&referrer=https%3A%2F%2Fvnexpress.net%2F&url=https%3A%2F%2Fvnexpress.net%2F&publication=&author=&article_type=&wordcount=&list_folder=1000000&vn_source=&vn_medium=&vn_campaign=&vn_term=&vn_content=&utm_source=&utm_medium=&utm_campaign=&utm_term=&utm_content=&index_topic=0&index_format=0&index_type=&r=0.6740886101548387&v=0809&action=pv
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.148.132.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FT /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 04 Jun 2021 02:00:58 GMT
Cache-Control: no-cache
Server: FT
Connection: keep-alive
Expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H3-29 200 vn_block_keywords.js Show response
storage.googleapis.com/adasia-ad-network-origin/atm/config/ 97 B
124 B 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/config/vn_block_keywords.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bbfab80d791a853415a874777184fa442df7d5f61e4da3171bfb5278e16cc6bf

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:45:13 GMT
age: 944
x-guploader-uploadid: ABg5-UxjxHxzE0OA88qr02QgABTpTLJ3uXvzm3qNGlC8rSLMd3yrmbd2E42iMEPsqjXfoq63q28a-eS7OFPEAAb1cJg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
last-modified: Tue, 20 Aug 2019 03:10:31 GMT
server: UploadServer
etag: "9ab805e8e5990ef2f6e5490772bebde8"
x-goog-hash: crc32c=yqWvcg==, md5=mrgF6OWZDvL25UkHcr696A==
x-goog-generation: 1566270631279906
cache-control: public, max-age=3600
x-goog-stored-content-length: 97
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 04 Jun 2021 02:45:13 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
38 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJGNLDW&l=adAsiaDataLayer

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

790f85ca7548f0fe9199730f8d8c9c1b4ffa239d4e9440937ffd69ac2f5788bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39188
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Jun 2021 02:00:57 GMT

GET
H2 200 adasia.js Show response
cdn.hbplatform.com/adasia/tags/2/1121/ 53 KB
16 KB 20ms
7ms Script
application/javascript 2600:1901:0:98f7::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hbplatform.com/adasia/tags/2/1121/adasia.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:98f7:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8327b8e8cf877b87688ffc35ac6117b1632c0916e128ee022a8a97a8f53017b1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:43 GMT
content-encoding: gzip
age: 375
x-guploader-uploadid: ABg5-UxJVdl2G-crHSsnATbsO47mpouMjRBTn2nAb_YvI0Twp6FqpwI5dJzRLMH0wKRiGgu35dSD17c3jvXn6vaVa5El0fwGrA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 15806
last-modified: Wed, 02 Jun 2021 03:51:13 GMT
server: UploadServer
etag: "2cc0fc6e4711fb90a33fd00f5ac57395"
vary: Accept-Encoding
x-goog-hash: crc32c=p/At9g==, md5=LMD8bkcR+5CjP9APWsVzlQ==
x-goog-generation: 1622605873646236
cache-control: public, max-age=1800
x-goog-stored-content-length: 15806
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
expires: Fri, 04 Jun 2021 02:24:43 GMT

GET
H2 200 lazyload.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/ 10 KB
4 KB 371ms
370ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/lazyload.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
etag: W/"6093454f-27d4"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 home.defer.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/modules/ 35 KB
11 KB 371ms
371ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/modules/home.defer.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 6419c8923bcd1a5e445edcbc8b321f47851f1df786aae1b8a337d75d47c79702

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 04:51:15 GMT
etag: W/"60b85fc3-8c43"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 18ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-169340704-1&cid=653929922.1622772057&jid=1794985722&gjid=547843617&_gid=361810233.1622772057&_u=aGDAgEADQAAAAE~&z=840701936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Jun 2021 02:00:57 GMT
content-type: text/plain
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=702914869&t=pageview&_s=1&dl=https%3A%2F%2Fvnexpress.net%2F&ul=en-us&de=UTF-8&dt=VnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAE~&jid=1794985722&gjid=547843617&cid=653929922.1622772057&tid=UA-169340704-1&_gid=361810233.1622772057&gtm=2wg621N3FNJF&cg1=Home&cg4=Home&cd1=1000000&cd2=Home&cd3=&cd5=Home&cd6=Web&cd55=653929922.1622772057&z=1448776103

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Jun 2021 13:37:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44583
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9293.maZL4Ffulb6wcqo5DJguDnXFPaqhZ-PWkhbLXoUxR3OgGgRm7Asr-Xy1D8hvepf2.7mrKl8hUk8AvTuf9Eyb56veFoO8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9293.0R3G-OzEp5pqoncvpgSwUm0uHPSrK670WwC8gVZbFjL3SQNYdf82m63tX9wW9xj6nyeorFipdnZne2Iisq9w_g%2C%2C.bpqXGAq6SBYHl4Tlz8rGqEQhVTA%2C

75 B
75 B

42ms
42ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9293.0R3G-OzEp5pqoncvpgSwUm0uHPSrK670WwC8gVZbFjL3SQNYdf82m63tX9wW9xj6nyeorFipdnZne2Iisq9w_g%2C%2C.bpqXGAq6SBYHl4Tlz8rGqEQhVTA%2C

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9293.0R3G-OzEp5pqoncvpgSwUm0uHPSrK670WwC8gVZbFjL3SQNYdf82m63tX9wW9xj6nyeorFipdnZne2Iisq9w_g%2C%2C.bpqXGAq6SBYHl4Tlz8rGqEQhVTA%2C
date: Fri, 04 Jun 2021 02:00:58 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
109 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Thu, 03 Jun 2021 20:58:15 GMT
etag: "60b77459-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Jun 2021 03:00:58 GMT

GET
H2 200 adsbyeclick.js Show response
scdn.eclick.vn/delivery/asset/324297083/ 25 KB
10 KB 21ms
6ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.eclick.vn/delivery/asset/324297083/adsbyeclick.js
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/eclick.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: fdef617a43d55e729cf502763d6f83b4db3e916ef26999422227c2564a30c9e6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 04:37:20 GMT
server: keycdn-engine
link: <http://s.eclick.vn/delivery/asset/324297083/adsbyeclick.js>; rel="canonical"
x-edge-location: defr
etag: W/"60a5e780-621f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-shield: active
expires: Fri, 04 Jun 2021 03:00:58 GMT

GET
H2 200 Merriweather-Bold.woff2
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/fonts/ 59 KB
60 KB 221ms
221ms Font
application/octet-stream 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/fonts/Merriweather-Bold.woff2
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506

Request headers

Origin: https://vnexpress.net
Referer: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-ed40"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 60736
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 Merriweather-Regular.woff2
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/fonts/ 61 KB
61 KB 397ms
397ms Font
application/octet-stream 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/fonts/Merriweather-Regular.woff2
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae

Request headers

Origin: https://vnexpress.net
Referer: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/webfonts/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-f2a8"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 62120
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 prebid.js Show response
cdn.fuseplatform.net/adasia/tags/2/1121/ 249 KB
78 KB 60ms
6ms Script
application/javascript 2600:1901:0:14e5::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/adasia/tags/2/1121/prebid.js
Requested by: Host: cdn.hbplatform.com
URL: https://cdn.hbplatform.com/adasia/tags/2/1121/adasia.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:14e5:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 13791f74085348e02137240ad8a3fa0f5b85c92c2b04867b064f2e8bda4733a0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:46:55 GMT
content-encoding: gzip
age: 843
x-guploader-uploadid: ABg5-UxRLxnHY-by_ABQipG-0qOkKoISXoMcMRPgIdZfrk67ElwTOJDnV-uwDgcIoJLAv3_SDVLXSaPxupDt9prvwK8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 79353
last-modified: Mon, 16 Nov 2020 06:56:24 GMT
server: UploadServer
etag: "3a55bf7e0d0dcf5840cafc850adf7d3f"
vary: Accept-Encoding
x-goog-hash: crc32c=4Cx9rw==, md5=OlW/fg0Nz1hAyvyFCt99Pw==
x-goog-generation: 1605509784906332
cache-control: public, max-age=1800
x-goog-stored-content-length: 79353
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
expires: Fri, 04 Jun 2021 02:16:55 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/62978707/
Redirect Chain

https://mc.yandex.com/watch/62978707?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A299%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A299%3Afu%3A1%3Aen%3Autf-8%3Ala%3A...

236 B
294 B

46ms
46ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A299%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A1409973049683%3Ahid%3A177172772%3Az%3A120%3Ai%3A20210604040057%3Aet%3A1622772057%3Ac%3A1%3Arn%3A752354595%3Au%3A16227720571054713009%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622772056828%3Ads%3A0%2C0%2C235%2C203%2C1%2C0%2C%2C244%2C0%2C%2C%2C%2C490%3Adsn%3A0%2C0%2C235%2C203%2C0%2C0%2C%2C50%2C0%2C%2C%2C%2C490%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622772058%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c24ed4ecefc330034306015d331ef8c362cad5198df653f7e323966e1b329043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 04-Jun-2021 02:00:58 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 236
x-xss-protection: 1; mode=block
expires: Fri, 04-Jun-2021 02:00:58 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Fri, 04-Jun-2021 02:00:58 GMT
location: /watch/62978707/1?wmode=7&page-url=https%3A%2F%2Fvnexpress.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A299%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A551%3Acn%3A1%3Adp%3A0%3Als%3A1409973049683%3Ahid%3A177172772%3Az%3A120%3Ai%3A20210604040057%3Aet%3A1622772057%3Ac%3A1%3Arn%3A752354595%3Au%3A16227720571054713009%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622772056828%3Ads%3A0%2C0%2C235%2C203%2C1%2C0%2C%2C244%2C0%2C%2C%2C%2C490%3Adsn%3A0%2C0%2C235%2C203%2C0%2C0%2C%2C50%2C0%2C%2C%2C%2C490%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1622772058%3At%3AVnExpress%20-%20B%C3%A1o%20ti%E1%BA%BFng%20Vi%E1%BB%87t%20nhi%E1%BB%81u%20ng%C6%B0%E1%BB%9Di%20xem%20nh%E1%BA%A5t
strict-transport-security: max-age=31536000
access-control-allow-origin: https://vnexpress.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 04-Jun-2021 02:00:58 GMT

GET
H/1.1 200
OK eclookup.html Show response
g.eclick.vn/delivery/ Frame 9394 5 KB
3 KB 980ms
224ms Document
text/html 111.65.249.227
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.eclick.vn/delivery/eclookup.html?fosp_aid=d4m74kwhd97ui1st.1622772057.des&orig_aid=d4m74kwhd97ui1st.1622772057.des&myvne_user_id=0
Requested by: Host: scdn.eclick.vn
URL: https://scdn.eclick.vn/delivery/asset/324297083/adsbyeclick.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.227 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710

Request headers

Host: g.eclick.vn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Server: nginx/1.12.2
Date: Fri, 04 Jun 2021 02:00:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 hls.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/vod/ 239 KB
70 KB 227ms
226ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/vod/hls.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-3bc3b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 embed_vod.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/ 55 KB
15 KB 238ms
237ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/embed_vod.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: a6fd348793c16aaf8ad37966e528325582aad94ffbe93729bc6ab51fe9c639f5

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-dcbf"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 video-js.css
s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/vod/ 75 KB
23 KB 239ms
239ms Stylesheet
text/css 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/vod/video-js.css
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/vod.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-12c5c"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 ads.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/vod/ 29 KB
7 KB 241ms
241ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/vod/ads.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-7595"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H/1.1 200
OK fopt.js Show response
adp.vnecdn.net/ 0
249 B 223ms
222ms Script
text/plain 111.65.249.227
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/fopt.js?aid=
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.227 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:00:58 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.12.2
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 02:13:43 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
175 B 573ms
196ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Fri, 04 Jun 2021 02:00:58 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 226ms
161ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Fri, 04 Jun 2021 02:00:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
rtb.adpone.com/ 727 B
713 B 65ms
48ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1201181228390
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ac127b876503dce9b17a1e623175e1d3eb6da1f291171435b4675fe8b33033

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ah3rGtCy61NmUO1r8IQ6Et67J5nCbTewnRkHBKpvRv%2BjaF%2FkhdveCsvuGyXOMkGbX5X6rAzETg5mDbP7g43xaItvmpsM1wO3x51MwRcjh6DJ1NY0X3OjH%2BiKWZwnDOwmCK%2BXzM4IdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659d9215898e4e67-FRA
cf-request-id: 0a7659a17700004e6799112000000001

POST
H2 200 bid-request Show response
rtb.adpone.com/ 765 B
726 B 61ms
44ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 060e8ad9dd20a0f83f8de271f91b3086a052a82a4cfd95110c1a77d6b3e52cfe

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Un0CdswLEPAZjFMf5VuwIcopJFDaAkZiImTQtBLPdXgSJhIIBUgM6AlNFGalCgAzJMM4KD1EDvOlnwT9Ec4CtjDAQBA4WLP6Nv38BSvq4w26jPawscpXYGrLoYQTu7BGOFU9j6kroA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659d921589904e67-FRA
cf-request-id: 0a7659a17700004e67aebbc000000001

POST
H2 200 bid-request Show response
rtb.adpone.com/ 765 B
733 B 62ms
46ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6703d2f4290eb2658f3ca9376a3aeaab873e65f418f95ff57815aaef3d57528

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZH7gOT9v3jC%2B5t3BoKGiw%2BWSiV8e2dkTnaMy34U0yJywW7xUJ3vvFiH5z6phAmklzS97Q%2BVbmi5wvvGDw0k6DbrHz37NbsYRwnL8cOsL%2BjStbr2OhGkXLmFE30ssLjyQlVVzCOXHJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659d921589914e67-FRA
cf-request-id: 0a7659a17700004e6787321000000001

POST
H2 200 bid-request Show response
rtb.adpone.com/ 763 B
990 B 59ms
43ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bd2e20de74b3a8d7e3102b88803d9c7d12929bd9a75ebe7536b7116b721f778

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=orqRzcHxyKO5tDqcKkhzuEhy1Nm1IUpx35119DFTkuriisD8f2QD5CiP8wbksle%2FPPnzKzXG28tDAWCkIE2rb%2FnnMuzweAlT2%2BYsO3bZ7f3iIXl7%2BPhFDRnSOTiwq1GbzgPWI4OXcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659d921589934e67-FRA
cf-request-id: 0a7659a17800004e679b9df000000001

POST
H2 200 bid-request Show response
rtb.adpone.com/ 732 B
724 B 71ms
55ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=120118122658647
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a987d4a7fad370da78c13d91823f1f293bc24598593e877f988777718c4c4376

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gO%2Fix7OCdkv%2FnHHBKW%2B3cE505I6Q%2BCPY82XTUKzYXt7%2BTt1vbeXCEtN0vW98X%2Bj1lPLEsc9fDyM1oKTuZrFf%2BGh2Za8nMbFUKua4xpUEr7VAZzLANioPgkcEM1TmIYTEKlbPTOM2Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
cf-ray: 659d921589944e67-FRA
cf-request-id: 0a7659a17800004e679b9e0000000001

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
186 B 123ms
41ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=81534789570
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
date: Fri, 04 Jun 2021 02:00:57 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 auction Show response
rtb.adxpremium.services/openrtb2/ 324 B
896 B 102ms
86ms XHR
application/json 2606:4700:e6::ac40:c219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a6e9ce8a31de206a899ea59db703a5234809e45529daee5460388a71910fcf

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7659a17a0000dfd39f36a000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ssttPO9xFuEJyo4jvWjghux63m3m2bB40PZGMBYZLsVEkKYSZU5pRtKeUxPdlfukb4%2BbNSmQfJHrWuuEf%2Fpe%2BFauS9Cv6sEc9jJEv5umnLQlmju8cG1AWRwo8whv7oJ%2Fm3ed6%2FqVr%2BDsJDDCTLFRpi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 659d921598d4dfd3-FRA
expires: 0

GET arj
ureka-d.openx.net/w/1.0/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 71 B
767 B 112ms
38ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2bcfd666de44d15622d077fdb8bafb5bc9d44bf361734774517a0b645845b7d2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:00:58 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid: 5e1e251e-8809-4af6-8a56-01be5226bafe
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 71
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5
https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=b48b01fd-c4d8-11eb-86a4-1708f5200206

0
588 B

31ms
31ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=307342&sync_limit=5&__user_check__=1&sync_id=b48b01fd-c4d8-11eb-86a4-1708f5200206
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Fri, 04 Jun 2021 02:00:58 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 77
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Fri, 04 Jun 2021 02:00:58 GMT
Server: nginx
Location: /partner?source=307342&sync_limit=5&__user_check__=1&sync_id=b48b01fd-c4d8-11eb-86a4-1708f5200206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 84
Connection: keep-alive
Content-Length: 0

GET
H2 200 zepto.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/libs/ 39 KB
12 KB 223ms
223ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/libs/zepto.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
etag: W/"6093454f-9c7d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 simple-scrollbar.min.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/libs/ 4 KB
2 KB 221ms
221ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/libs/simple-scrollbar.min.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
etag: W/"6093454f-10a7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 usi.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/ 10 KB
3 KB 222ms
221ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/usi.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: d6e3b5703ddd016c902373aed3e30d9532fc56bb712addc7365664d73e02d584

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 09:08:48 GMT
etag: W/"60af61a0-298b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 eclick_logo.png
static.eclick.vn/delivery/css/images/graphics/ 2 KB
2 KB 991ms
225ms Image
image/png 111.65.249.131
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eclick.vn/delivery/css/images/graphics/eclick_logo.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.131 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-static_eclick_141_34 /
Resource Hash: 28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Tue, 28 Apr 2020 05:02:00 GMT
server: FPT-static_eclick_141_34
etag: "5ea7b8c8-76a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1898
expires: Sun, 04 Jul 2021 02:00:59 GMT

GET
H2 200 e2-ip6uyaaciey-jpeg-1622769534-6987-1622769593.jpg
vcdn1-thethao.vnecdn.net/2021/06/04/ 9 KB
10 KB 8ms
5ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-thethao.vnecdn.net/2021/06/04/e2-ip6uyaaciey-jpeg-1622769534-6987-1622769593.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=yegIHRjWNtCrLxT6kMzFDQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: d370bbe41b6e836475161c7f224bfb16a6c4db8c319c9dd989b382866eec28ac

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Fri, 04 Jun 2021 01:20:04 GMT
server: keycdn-engine
link: <http://i1-thethao.vnecdn.net/2021/06/04/e2-ip6uyaaciey-jpeg-1622769534-6987-1622769593.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=yegIHRjWNtCrLxT6kMzFDQ>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 9474
expires: Sat, 04 Jun 2022 07:49:58 GMT

GET
H2 200 metro-so-2-4815-1610096189-603-5031-4853-1622768420.png
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 49 KB
50 KB 7ms
7ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/metro-so-2-4815-1610096189-603-5031-4853-1622768420.png?w=220&h=132&q=100&dpr=1&fit=crop&s=x13yh-nWKGbTa89G65cq6w
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a2bf413a5adb51c52006e6a575a731bf180710de5c378d2e4895465bf81280a6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Fri, 04 Jun 2021 01:00:40 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/metro-so-2-4815-1610096189-603-5031-4853-1622768420.png?w=220&h=132&q=100&dpr=1&fit=crop&s=x13yh-nWKGbTa89G65cq6w>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 50426
expires: Sat, 04 Jun 2022 07:49:58 GMT

GET
H2 200 d9ec23a9e8231d7d4432-162270124-4781-8781-1622701267.jpg
vcdn1-suckhoe.vnecdn.net/2021/06/03/ 11 KB
11 KB 6ms
6ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-suckhoe.vnecdn.net/2021/06/03/d9ec23a9e8231d7d4432-162270124-4781-8781-1622701267.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=Y6roY1EDC6HgSlZPSYz_AA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 57072bc9b9f3f9c3a450e9701b0b93b0673050f0b5f39d74d6021dd54504a29b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Thu, 03 Jun 2021 06:22:23 GMT
server: keycdn-engine
link: <http://i1-suckhoe.vnecdn.net/2021/06/03/d9ec23a9e8231d7d4432-162270124-4781-8781-1622701267.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=Y6roY1EDC6HgSlZPSYz_AA>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 10806
expires: Sat, 04 Jun 2022 07:49:58 GMT

GET
H2 200 QUYN8123-1622736634-5200-1622736711.jpg
vcdn1-kinhdoanh.vnecdn.net/2021/06/03/ 21 KB
21 KB 22ms
6ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2021/06/03/QUYN8123-1622736634-5200-1622736711.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=TjUhAuUSiUzFFzabnTVAWw
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c09e31e9d07beac1beb12ac3157fbde930dc29587309b27b49a0f9645e07e610

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Thu, 03 Jun 2021 16:12:17 GMT
server: keycdn-engine
link: <http://i1-kinhdoanh.vnecdn.net/2021/06/03/QUYN8123-1622736634-5200-1622736711.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=TjUhAuUSiUzFFzabnTVAWw>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 21499
expires: Sat, 04 Jun 2022 07:49:58 GMT

GET
H2 200 tiepte-1622723045-1622723058-5806-1622723113.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/03/ 28 KB
28 KB 7ms
6ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/03/tiepte-1622723045-1622723058-5806-1622723113.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=Vf14Giwd2IQ2hjs3c_1s8g
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: eebaba3fcdcc127b8e84a3d2fdc534620cc8b056f8824726b010bf12491cd7b3

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Thu, 03 Jun 2021 12:25:49 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/03/tiepte-1622723045-1622723058-5806-1622723113.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=Vf14Giwd2IQ2hjs3c_1s8g>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 28311
expires: Sat, 04 Jun 2022 07:49:58 GMT

GET
H2 200 anhthutuongjohnsonapedited-162-2504-5795-1622763504.jpg
vcdn1-vnexpress.vnecdn.net/2021/06/04/ 18 KB
18 KB 7ms
6ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-vnexpress.vnecdn.net/2021/06/04/anhthutuongjohnsonapedited-162-2504-5795-1622763504.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=4kcy1HPU-AxapKV2h0zT2w
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7afd6543fabc6f6921b857d6fa6c4c4a864a20d91ba1dbb964034c228a89a419

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Thu, 03 Jun 2021 23:38:42 GMT
server: keycdn-engine
link: <http://i1-vnexpress.vnecdn.net/2021/06/04/anhthutuongjohnsonapedited-162-2504-5795-1622763504.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=4kcy1HPU-AxapKV2h0zT2w>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 18207
expires: Sat, 04 Jun 2022 07:49:58 GMT

GET
H2 200 cornfield4306048960720-1622731-7264-9383-1622731294.jpg
vcdn1-kinhdoanh.vnecdn.net/2021/06/03/ 13 KB
13 KB 17ms
6ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2021/06/03/cornfield4306048960720-1622731-7264-9383-1622731294.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=a8eZpUl3wcWN52hKrdIwOQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2a7ca6113d143571cedcd8beae3d86613d34f6b545d9b85627a968f0bb756bbd

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
last-modified: Thu, 03 Jun 2021 14:41:46 GMT
server: keycdn-engine
link: <http://i1-kinhdoanh.vnecdn.net/2021/06/03/cornfield4306048960720-1622731-7264-9383-1622731294.jpg?w=220&h=132&q=100&dpr=1&fit=crop&s=a8eZpUl3wcWN52hKrdIwOQ>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 13002
expires: Sat, 04 Jun 2022 07:49:58 GMT

GET
H2 200 covid.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/widget/ 36 KB
9 KB 223ms
223ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/widget/covid.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/blocks/site/1000000.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: fdde09ec902ff630c0ee1f01f78665b4da34a828bf30c70e6dc85cd23cb20fc1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 03:56:52 GMT
etag: W/"609ca384-8eb7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 home Show response
vnexpress.net/microservice/ 370 KB
60 KB 271ms
271ms Fetch
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/home

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/blocks/site/1000000.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

577whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

bc0ea5d322c94735f125d9179d90fa61b1d5811c70cd6920a1294806bb65ca9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/home
pragma: no-cache
cookie: display_cpd=6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 577whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
set-cookie: device_env=4; Expires=Fri, 04 Jun 2021 10:00:58; Domain=.vnexpress.net; Path=/
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 th Show response
gw.vnexpress.net/ 39 KB
7 KB 709ms
232ms Fetch
application/json 180.148.132.75
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.vnexpress.net/th?types=gia_vang_v2,ty_gia_vcb,data_shop_v2_home_vne_160,data_egift,data_shop_v2_home,rao_vat_v2,ewiki,bank_rate_offline,bank_rate_online
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/blocks/site/1000000.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 180.148.132.75 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: FPT-ams_global_139_54 /
Resource Hash: 7ca63979e3ac62dfe4aad1448c693793fc58a88b2cde0887985a4c6a59cbe9ec

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
server: FPT-ams_global_139_54
x-kong-server: kong_api_139_55
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
via: kong/1.2.1

GET
H2 200 4245034 Show response
vnexpress.net/microservice/getconsultants/aid/ 33 KB
7 KB 684ms
684ms Fetch
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/getconsultants/aid/4245034

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/blocks/site/1000000.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

577whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

d7a18af60149d105e1df041653f4306ba534e6d39ec10c1886ee31644e9306a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/getconsultants/aid/4245034
pragma: no-cache
cookie: display_cpd=6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 577whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
set-cookie: device_env=4; Expires=Fri, 04 Jun 2021 10:00:58; Domain=.vnexpress.net; Path=/
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 video.lib.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/vod/ 461 KB
131 KB 227ms
227ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v2/helper/vod/video.lib.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:27 GMT
etag: W/"6093454b-73376"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:58 GMT

GET
H2 200 myvne_users_redesign.js Show response
s1cdn.vnecdn.net/myvne/j/v5/ 41 KB
10 KB 6ms
6ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s1cdn.vnecdn.net/myvne/j/v5/myvne_users_redesign.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 98299e7fdaea04de37a4a123fd9cef3055d82d786c7d1b31aac0f5d695c81143

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
x-edge-location: defr
x-cache: HIT, HIT
x-shield: active
last-modified: Fri, 23 Apr 2021 08:24:44 GMT
server: keycdn-engine
etag: W/"6082844c-a31f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
link: <http://s1.vnecdn.net/myvne/j/v5/myvne_users_redesign.js>; rel="canonical"
expires: Sat, 04 Jun 2022 07:49:58 GMT

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 1 KB
1 KB 885ms
226ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4288833-1;4288781-1;4288698-1;4288740-1;4288819-1;4288823-1;4288832-5;4288803-1;4288458-1;4288797-1;4288669-1;4288830-1;4288751-1;4288839-1;4288775-1;4288821-1;4288801-1;4288733-1;4288728-1;4288746-1;4288763-1;4288782-1;4288506-1;4288727-1&
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10377inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 1a9c89cce1f5995855be9200eb022128b2ba8790712317c5a801fd5c5971da24

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
cache-control: max-age=30
last-modified: Fri, 04 Jun 2021 02:00:36 GMT
server: 10377inhcdd10bf7c7468e873e79ba2ad134
etag: "KsbG3iSJrs1IaIT5GNGjQQ=="
content-length: 1145
content-type: text/javascript; charset=utf-8

GET
H2 200 covid19_2021_by_location Show response
vnexpress.net/microservice/sheet/type/ 13 KB
1 KB 339ms
339ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/sheet/type/covid19_2021_by_location

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/widget/covid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

577whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

73e238598643008c98bdb27247a2901458663b72c751a8c79487eddf812c9247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/sheet/type/covid19_2021_by_location
pragma: no-cache
cookie: display_cpd=6; login_system=1; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3; device_env=4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 577whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
v-type: 1
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
BLOB 200
OK 8b019b83-70f8-4cb1-8d59-6e21d91ca967
https://vnexpress.net/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vnexpress.net/8b019b83-70f8-4cb1-8d59-6e21d91ca967
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 27ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 27ms
27ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 116 KB
28 KB 383ms
382ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2764200100999585&correlator=3978841355624615&output=ldjh&impl=fifs&eid=31060790%2C31061341&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CMasthead%2CHome%2CLarge1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F4&prev_iu_szs=320x50%7C1x1%7C728x90%7C900x225%7C970x250%7C1200x150%7C1800x180%7C1920x270%2C320x50%7C1x1%7C300x500%7C300x450&fluid=height%2Cheight&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D6%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1622772058&dt=1622772058999&dlt=1622772057074&idt=265&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1050&adys=0%2C391&adks=1832943895%2C1680299014&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x270%7C300x0&msz=1600x0%7C300x0&ga_vid=653929922.1622772057&ga_sid=1622772059&ga_hid=702914869&ga_fc=false&fws=4%2C4&ohw=1600%2C300&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

fca14968ca5382c3e433ed5c47991c16d1a29b84f702559539b40d263b1fffb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28697
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 93ms
27ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 121 KB
30 KB 432ms
432ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2764200100999585&correlator=3449297672021944&output=ldjh&impl=fifs&eid=31060790%2C31061341&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CLarge2%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1%7C300x250%7C300x300%7C300x500%7C300x540%7C300x600&fluid=height&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D6%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1622772059&dt=1622772059006&dlt=1622772057074&idt=265&frm=20&biw=1600&bih=1200&oid=3&adxs=1030&adys=3716&adks=4260787118&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x250&ga_vid=653929922.1622772057&ga_sid=1622772059&ga_hid=702914869&ga_fc=false&fws=516&ohw=340&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a3f65edb7684964432e320fcbaaacc65e023e109fe0aa77f72cad6ff5fe385b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30530
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
5 KB 99ms
98ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2764200100999585&correlator=3130048466567175&output=ldjh&impl=fifs&eid=31060790%2C31061341&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=27973503%2COV.Vnexpress%2CDesktop%2CRichmedia%2CHome&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=320x50%7C1x1&fluid=height&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dvnexpress.net%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26inskin_yes%3Dtrue%26article_type%3D1%26article%3D1000000%26category%3D1000000%26cpd%3D6%26bf%3D0%26islogin%3D0%26myvneid%3D0%26ismy%3D0%26myage%3D0%26mygender%3D0%26mysegment%3D%26mytop_folders%3Dundefined%26mytop_ver%3Dundefined%26myretar%3D%26screen_width%3D1600%26screen_height%3D1200%26bsf%3Dnone&cookie_enabled=1&bc=31&abxe=1&lmt=1622772059&dt=1622772059009&dlt=1622772057074&idt=265&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=4163&adks=3988550624&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvnexpress.net%2F&ref=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=653929922.1622772057&ga_sid=1622772059&ga_hid=702914869&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b6eebda53c72a8cda49e643744f2dfc40dbc44b0f32cb7e7fc14ab5ae0ab6470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4333
x-xss-protection: 0
google-lineitem-id: 5632170936
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138341523710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon-eclick.svg
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/images/graphics/ 2 KB
2 KB 224ms
223ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/images/graphics/icon-eclick.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-757"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1879
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/libs/ 20 KB
7 KB 236ms
236ms Script
application/javascript 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/libs/jquery.magnific-popup.min.js
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/modules/home.defer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 01:24:31 GMT
etag: W/"6093454f-4ef8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 Download_Huawei.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 7 KB
7 KB 236ms
235ms Image
image/png 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_Huawei.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-1c11"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7185
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 Download_AppStore.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 4 KB
5 KB 236ms
235ms Image
image/png 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_AppStore.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-11d9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4569
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 Download_PlayStore.png
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 7 KB
7 KB 236ms
236ms Image
image/png 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/Download_PlayStore.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-1b18"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 6936
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 qr_app.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 65 KB
66 KB 237ms
236ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/qr_app.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-104d3"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 66771
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 qr_app_en.svg
s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/ 68 KB
69 KB 258ms
220ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/i/v391/v2_2019/pc/graphics/qr_app_en.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 06 May 2021 01:23:20 GMT
etag: "60934508-1110a"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 69898
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 icon-eclick.svg
s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/images/graphics/ 2 KB
2 KB 245ms
232ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/images/graphics/icon-eclick.svg
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/general-file.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768

Request headers

Referer: https://s1.vnecdn.net/vnexpress/restruct/c/v649/v2_2019/pc/general-file.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 06 May 2021 01:23:00 GMT
etag: "609344f4-757"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1879
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A140 0
0 79ms
77ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKLJYFeENrKWwPCMMTbe_FHd-UyY78CiYoYWdgXYrAucWQ7JILGQO2U7elC2kT96OIIzxdV3xbrzfRBXs5EPsyCIvaPbiI-He8LVpMom-vdCcUvn4uVuPz4c493B5zvgHsXzuxAOSQsZz-xLuBNFN_c_-d4zUUIaxLXkzstKNQ8NsiAPE32nwoYNe_Gw0E7jLGs9o9jFHO4GFuNo50wF3MF25E2IacBVEYnK8OkjewJjzxEyOE185cIYuZkB95p0BRBvQqW0V9ENQPCU8Ecx2onLmahyE5uwx0rpV62FAQLRNzTHMlozG9dkBCXFLwp6mH7Sq5U-t2GQ&sai=AMfl-YS6DcLgGopIWkPHaP_5C9Yymb7k793ero3sjWgyix_NjoyXqrOT-PJFHDYAZNawepJunTt2dmrlFvEZ1ZEVZuvaZFSOvUYDAkiMV71CKnENakUU-c1zcUDZLlRtmbg&sig=Cg0ArKJSzF1PnVUPAtpyEAE&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:00:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A140 62 KB
21 KB 79ms
78ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

54f23a327ccea764cf2374d3caf851abd5be1b79b4b82c86591d7b45f5fdbe50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 35 of 1000 / last-modified: 1622758190"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21341
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A140 121 KB
37 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
DATA 200
OK truncated
/ Frame A140 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 390d8a86421da62be624e58d3f3267953fd7652c89cbbdbb37b437c286b25e20

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A140 311 KB
109 KB 55ms
55ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H2 200 covid19_2021_hanoi Show response
vnexpress.net/microservice/sheet/type/ 2 KB
698 B 230ms
224ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/sheet/type/covid19_2021_hanoi

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/widget/covid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

577whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

2e9abe448f1a4ff0e018253e47fb78ad2a3304c2bfb4011d55d2ecdb40a1eba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/sheet/type/covid19_2021_hanoi
pragma: no-cache
cookie: display_cpd=6; login_system=1; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3; device_env=4; __gads=ID=2df78b088cf5fb8b-227a0dec55c800ef:T=1622772059:S=ALNI_MYDfwq-pZa_X-DvMAfzHcTCylT7vA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 577whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 947 B
1 KB 394ms
227ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4288772-1;4288863-1;4288807-1;4288711-1;4288338-1;4288846-1;4288829-1;4288822-1;4288814-1;4288798-1;4288520-1;4288041-1;4288649-1;4288454-1;4288472-1;4288560-1;4288761-1;4288357-1;4288508-1;4288762-1&
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10377inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 8c52a6da6158f68f15b9999674f9eafab30415be6bd61cda75c3f1f14b61d200

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
cache-control: max-age=30
last-modified: Fri, 04 Jun 2021 02:01:00 GMT
server: 10377inhcdd10bf7c7468e873e79ba2ad134
etag: "B1n1UNmBEF+8wlNLFE54UQ=="
content-length: 947
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
usi-saas.vnexpress.net/widget/index/ 710 B
1 KB 339ms
227ms Script
text/javascript 111.65.248.197
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://usi-saas.vnexpress.net/widget/index/?cid=4287290-1;4288612-1;4288576-1;4288507-1;4288525-1;4288221-1;4288253-1;4288780-1;4288211-1;4288239-1;4288683-1;4288653-1;4288645-1;4288411-1;4288470-1&
Requested by: Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/usi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.248.197 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: 10377inhcdd10bf7c7468e873e79ba2ad134 /
Resource Hash: 7df8e16e05f158deda0c99f04a990865d04ad82ac582fb851754f4f30d8783a5

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
cache-control: max-age=30
last-modified: Fri, 04 Jun 2021 02:00:38 GMT
server: 10377inhcdd10bf7c7468e873e79ba2ad134
etag: "OahUYGWqfZ3mhn4zaZo65g=="
content-length: 710
content-type: text/javascript; charset=utf-8

GET
H3-29 200 container.html Show response
8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67A1 6 KB
3 KB 33ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 04 Jun 2021 02:00:59 GMT
expires: Sat, 04 Jun 2022 02:00:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105242203000/ Frame 9F4F 191 KB
55 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 177987
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55246
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9907e100ee706e0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 9F4F 12 KB
5 KB 55ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 177989
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4568
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b435c2fa80137a0e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 9F4F 87 KB
27 KB 52ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 177989
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27371
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6687a81702b10306"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 9F4F 4 KB
2 KB 56ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 177989
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1521
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5a9e085610d63d0a"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 9F4F 41 KB
13 KB 33ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105242203000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 177989
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13132
x-xss-protection: 0
server: sffe
date: Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1bd5431ac5ac76b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:34:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9F4F 3 KB
677 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 01:00:42 GMT
server: ESF
date: Fri, 04 Jun 2021 02:00:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11350528349118047428/ Frame 9F4F 13 KB
13 KB 128ms
6ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11350528349118047428/downsize_200k_v1?w=400&h=209

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb26ed6dfce4f0c58e608c259f43edec9608e5e0672d2e64259acf06f49e6b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 16:20:07 GMT
x-content-type-options: nosniff
age: 207652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13348
x-xss-protection: 0
last-modified: Tue, 17 Nov 2020 14:28:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 16:20:07 GMT

GET
DATA 200
OK truncated
/ Frame 9F4F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9F4F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 475fd1a78944ac73e9ece5602bb458b085ccc5455fe0d5113a055dfd848085cc

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9F4F 3 KB
3 KB 122ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Jun 2021 22:34:37 GMT
x-content-type-options: nosniff
server: cafe
age: 12382
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
expires: Fri, 04 Jun 2021 22:34:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9F4F 344 B
812 B 122ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Jun 2021 06:55:38 GMT
x-content-type-options: nosniff
server: cafe
age: 68721
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:55:38 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9F4F 0
0 55ms
55ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHEBeW4m5YPeDBYaF7gPy1rBA0sekwGLGkYWKzQyCspXRliQQASDHx58jYJX68IGMB6AB4vf95gPIAQmpAoDeWFER2H4-4AIAqAMByAMKqgTmAU_QOzIQGTlvkuzWflRmVYJXSdgPZ7Y6-GW3nFxf4f5HSprmRwuxutyUg1wBBRcdakJtTxl-o1Gaig2PZcEayzjw8hV4V1BjEAEHCCqVcINQhrE2WsJLWdgqnPX3eLJWGfakVasW24_xVdXqCNV944WchYfAQ7p4uWPBpbUOQRPBXQ4o40Pkp_jkuSkpLv0p-THwg48nHDY8qP54rv9D2YYLxgLH9SguRV2m2SiX3xqWNLnwwdYtBMtBi48-ByHV4c_phKyoj0bDdUSyJXQcOSGjYN_cVm19zmitm_6QUVuq16OUZdkwwASdlt2upAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHhoiCGagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDwLtIICQiA4YBwEAEYHYAKA8gLAbgTiCfYEw2IFAbQFQGAFwGyFxoKGAgAEhRwdWItMTQ4MTAxOTc1NDE4NDk1NQ&sigh=-qXSYfdmCoI&template_id=5000
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame A140 107 B
122 B 50ms
48ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A140 107 B
122 B 54ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A140 8 KB
4 KB 86ms
86ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3912935619714696&correlator=3394195518551386&output=ldjh&impl=fif&eid=31061161%2C31061357&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=2627062%2CUreka_Supply_ov.vnexpress.net_SliderPC_1x1_230221&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D6858f3710ab6c25d-220a15e655c800e1%3AT%3D1622772059%3AS%3DALNI_Mbty6Fcpk1s8phII52nWbLRUZt5lQ&cdm=vnexpress.net&bc=31&abxe=1&lmt=1622772059&dt=1622772059674&dlt=1622772059122&idt=448&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=800&adys=4179&adks=2652662923&ucis=wpdrg2ixw6wm&ifi=1&ifk=1452496933&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x-1&ga_vid=1681027.1622772060&ga_sid=1622772060&ga_hid=211334367&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

daae586e476019614a7bf9686809ed591b8ade87c2d696f38a35c6f6a322b6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4127
x-xss-protection: 0
google-lineitem-id: 5655931394
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344528633
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
be9aa53dc887d61241faa8d2b9b10cec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A140 0
0 85ms
26ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be9aa53dc887d61241faa8d2b9b10cec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 68ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 02:00:59 GMT

GET
H3-29 200 container.html Show response
8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD40 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 04 Jun 2021 02:00:59 GMT
expires: Sat, 04 Jun 2022 02:00:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Tracking.svg
s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/ 870 B
1 KB 221ms
221ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/Tracking.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: f09769d783a6f6cd0be02b874c4b7fedfbafbc50b7bfc3438725c459cb127961

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 11 Feb 2021 01:51:47 GMT
etag: "60248db3-366"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 870
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 News.svg
s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/ 2 KB
2 KB 222ms
221ms Image
image/svg+xml 111.65.251.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.vnecdn.net/vnexpress/restruct/c/v583/images/graphics/News.svg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 111.65.251.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS: mx1.gatemail.vn
Software: /
Resource Hash: 68d2cc4486c92a0541f96c95d990873464c25dfc943cc9eb573b60b32044f673

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 11 Feb 2021 01:51:47 GMT
etag: "60248db3-665"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1637
expires: Sun, 05 Jun 2022 02:00:59 GMT

GET
H2 200 covid19_2021_by_day Show response
vnexpress.net/microservice/sheet/type/ 9 KB
1 KB 223ms
222ms XHR
application/javascript 111.65.250.2
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL

https://vnexpress.net/microservice/sheet/type/covid19_2021_by_day

Requested by

Host: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/widget/covid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

111.65.250.2 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),

Reverse DNS

Software

577whgldd10bf7c7468e873e79ba2ad139 /

Resource Hash

0a162d588c639f6f399c5d776c59dbe5fe170ad8fcc8ab15a92fbf02f4c5634b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /microservice/sheet/type/covid19_2021_by_day
pragma: no-cache
cookie: display_cpd=6; login_system=1; fosp_loc=0-0-; fosp_country=; fosp_location=0; fosp_location_zone=0; fosp_isp=0; fosp_gender=3; device_env=4; __gads=ID=03cefb9baf850a4b-22830b1956c800bd:T=1622772059:S=ALNI_MY5vJ2V0ronHNobCKJI4L7CVa-B5w
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: vnexpress.net
referer: https://vnexpress.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: 577whgldd10bf7c7468e873e79ba2ad139
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=60, no-cache
v-type: 1
x-xss-protection: 1; mode=block
v-cache: VNE4

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9F4F 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vnexpress.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 21:07:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 190380
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 01 Jun 2022 21:07:59 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9F4F 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vnexpress.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 17:27:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 203613
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 01 Jun 2022 17:27:26 GMT

GET
H2 200 QuvaccineCovid19-1622733135-4266-1622733791.jpg
vcdn1-kinhdoanh.vnecdn.net/2021/06/03/ 22 KB
23 KB 8ms
6ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-kinhdoanh.vnecdn.net/2021/06/03/QuvaccineCovid19-1622733135-4266-1622733791.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=XkpgqpINPnJsLj7VfIDwGA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: fd3b05c9c943a441df8bda9385bed8121c061feab23d9a0bbfeb57f1a85040b1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 03 Jun 2021 15:23:23 GMT
server: keycdn-engine
link: <http://i1-kinhdoanh.vnecdn.net/2021/06/03/QuvaccineCovid19-1622733135-4266-1622733791.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=XkpgqpINPnJsLj7VfIDwGA>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 23037
expires: Sat, 04 Jun 2022 07:49:59 GMT

GET
H2 200 NewProject15-1622769840-8452-1622770055.jpg
vcdn1-thethao.vnecdn.net/2021/06/04/ 82 KB
83 KB 8ms
6ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-thethao.vnecdn.net/2021/06/04/NewProject15-1622769840-8452-1622770055.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=eq8zjHkXxa9p4Tu7XhupbA
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: bdd709f7fb02fa27877750e6ce270df56d154bd188541e7f2bd5bf149c7fb0f2

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2377casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Fri, 04 Jun 2021 01:27:59 GMT
server: keycdn-engine
link: <http://i1-thethao.vnecdn.net/2021/06/04/NewProject15-1622769840-8452-1622770055.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=eq8zjHkXxa9p4Tu7XhupbA>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 84039
expires: Sat, 04 Jun 2022 07:49:59 GMT

GET
H2 200 hhennieava-1622708489-2833-1622708787.jpg
vcdn1-giaitri.vnecdn.net/2021/06/03/ 53 KB
53 KB 20ms
18ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-giaitri.vnecdn.net/2021/06/03/hhennieava-1622708489-2833-1622708787.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=kGSSSqDUSaUsuDOtJAnbWQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 86e5bdbcdf90f8736528e3838379f3462afac9e7e2e1ff8cb3f531f95e53e60c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 03 Jun 2021 08:26:58 GMT
server: keycdn-engine
link: <http://i1-giaitri.vnecdn.net/2021/06/03/hhennieava-1622708489-2833-1622708787.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=kGSSSqDUSaUsuDOtJAnbWQ>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 54267
expires: Sat, 04 Jun 2022 07:49:59 GMT

GET
H2 200 benh-nhi-h6-can-mau-1622716221-5429-4391-1622717177.jpg
vcdn1-suckhoe.vnecdn.net/2021/06/03/ 15 KB
15 KB 27ms
25ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-suckhoe.vnecdn.net/2021/06/03/benh-nhi-h6-can-mau-1622716221-5429-4391-1622717177.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=VEOApEmR9R44G17sXT5GXQ
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 2e7ae6289dfbf2885e9c9c1cbb52561c6fbb7952367ebb5d0b09da49abdd650f

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2277casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 03 Jun 2021 10:46:24 GMT
server: keycdn-engine
link: <http://i1-suckhoe.vnecdn.net/2021/06/03/benh-nhi-h6-can-mau-1622716221-5429-4391-1622717177.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=VEOApEmR9R44G17sXT5GXQ>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 14920
expires: Sat, 04 Jun 2022 07:49:59 GMT

GET
H2 200 z2526053545038f49dd7972a1234d9-6108-3472-1622530600.jpg
vcdn1-giadinh.vnecdn.net/2021/06/01/ 58 KB
59 KB 21ms
16ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcdn1-giadinh.vnecdn.net/2021/06/01/z2526053545038f49dd7972a1234d9-6108-3472-1622530600.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=1dqSjTiK9jWqIqvExevN_Q
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a5dc9a93a935c64dde549286b5f51bcd0f0605c5da6595f1dd2302536072d38a

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-proxy: 2477casthcfpdd10bf7c7468e873e79ba2ad249
date: Fri, 04 Jun 2021 02:00:59 GMT
last-modified: Thu, 03 Jun 2021 22:05:24 GMT
server: keycdn-engine
link: <http://i1-giadinh.vnecdn.net/2021/06/01/z2526053545038f49dd7972a1234d9-6108-3472-1622530600.jpg?w=380&h=228&q=100&dpr=1&fit=crop&s=1dqSjTiK9jWqIqvExevN_Q>; rel="canonical"
x-edge-location: defr
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
access-control-allow-credentials: true
accept-ranges: bytes
x-shield: active
content-length: 59603
expires: Sat, 04 Jun 2022 07:49:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5133 0
0 54ms
53ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssWsIVfvE2oW_LMu-1J4oDgucV4h1fIOeBR-J1SJxVu2SaYBfe5oVAqRZ1TIM4kdjJpg5OkB7GIOL6MW68S8OdwdjYRsNkJh1zYS81ZEZR9gy5EDJQZ0BlrBBHyZnbZUnZmVDWwmy75-ud6aLXx6b-RiwZnYfju1qSS-VFwdqUe7bsmF7MV2QVrcxtXp4sCnVKerjI0xykzO4rXaew8zEYyJQLX5yrmky53VGwdCyHTz36XRttxru8iXyiFSjRaiSdKr3sl1Igh7h3srrk1Gy_GvxBh7XXISzkpDJafexD_U8SOnwazequYUYgf9qCtt_d3DXQzZo8sjuKe114Jeua&sig=Cg0ArKJSzIbQH4-sSWk1EAE&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:00:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ani-uk-slider-vnexpress.js Show response
solution.urekamedia.com/vnexpress.net/ 6 KB
3 KB 32ms
16ms Script
application/javascript 2606:4700:3030::ac43:a1fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd4123ab2a2a83c90fd333cd848570b353105c9764cfdecb729db92849fe21b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1605
cf-polished: origSize=9355
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7659a6c900004e4f3d160000000001
last-modified: Mon, 12 Apr 2021 08:28:01 GMT
server: cloudflare
etag: W/"248b-5bfc24aad8640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=67wu4BuOLCnTbprdI9vp1qALdWb7assaE%2B9zMACbFVGLISB96ZNSBB69YJPmyCAzkxZWdeNqX8zFHzr%2BpI6O3aOJoIijTNeNGsUddCMXU857dJE5FPWsbz7AOBAcScbGTeOlFFuxiiXMHtMebwyhA3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 659d921e0dc14e4f-FRA
cf-bgj: minify

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5133 121 KB
37 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A140 73 KB
27 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 67A1 2 KB
531 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 00:26:36 GMT
server: ESF
date: Fri, 04 Jun 2021 02:00:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 67A1 1 KB
909 B 39ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 00:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 00:39:08 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 67A1 0
0 55ms
43ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvUSJW4m5YPaDBYaF7gPy1rBA0vev7mKIq4bUsQ2U76mA3iQQASDHx58jYJX68IGMB6ABsbboyALIAQngAgCoAwHIA5sEqgTiAU_QQEViRzVOymHYp4l8491qj6GPeFZg-aMkxOQJSo5oqVLq9q90W1DT77rnnMKG65jUYt5Qu1JxOXE_SMYwwjgknXP6pGTZFmvYC2rFOyErIHN6LrwF-_0Dah5_L6CFNJHZ5N3sJ29NBJ0wKhcQ0gqy49iRjtIg285aGl3KKQ8BLVP8QLSTb1mCUtYRhvJ8lXpWawdbhvKaBO327b2kU9ZnuiPmJ_EE0NbdVItiNuk8q4j8jufF-xLTUMwVSSjW8KaCrLMHLSJOb6AqqQCE6YITwJZAxWyb7d6tkJyTLjr2I6rABNqRpvrBA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfd-43GAagHipyxAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQp-oB0ggJCIDhgHAQARgdgAoDyAsB2BMO0BUBgBcBshcaChgIABIUcHViLTE0ODEwMTk3NTQxODQ5NTU&sigh=PbbrcJIugmo&template_id=494
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 67A1 17 KB
7 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 01:41:51 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 67A1 2 KB
1 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 01:50:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67A1 121 KB
37 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 67A1 13 KB
6 KB 21ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 01:52:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 67A1 0
0 21ms
19ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpHB7i5KLSOYRVOBCgxawREvHd8uAQTbMCCrRuTRrK-QiSTmibBjyuwTPuI0oMnPXRKSmr
Requested by: Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 3b821d177d35ff0343c5a517c12ac1c9.js Show response
www.gstatic.com/mysidia/ Frame 67A1 25 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10549
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 00:10:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Sep 2021 13:12:06 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 67A1 17 KB
18 KB 41ms
6ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQFWAOm9M8CiiTg607IkFevE5t-aqxZ5scMZiskezCDv9sso7BgrIGUCcqF7w&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88dbe7e935f9e48702c4102247bf35c0e12c5e4dc91539c0a4141cb930c6d708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 10:17:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 23 Dec 2020 17:10:20 GMT
server: sffe
age: 229427
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17819
x-xss-protection: 0
expires: Wed, 01 Jun 2022 10:17:12 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 67A1 34 KB
34 KB 46ms
11ms Image
image/png 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQSTh9-U9EbEAC9xAUDbYiuBuvBdF7jpMq1gIT1BslxfPcgSEwa&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3af0ba0d7d48e5fbc68a8f8d28b1c0752694e36d4b01a882411acfe352be816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:36:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 08:50:45 GMT
server: sffe
age: 177881
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34897
x-xss-protection: 0
expires: Thu, 02 Jun 2022 00:36:18 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 98ms
24ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Jun 2021 02:01:00 GMT

GET
H3-29 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9F4F 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Jun 2021 22:34:37 GMT
x-content-type-options: nosniff
server: cafe
age: 12382
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
expires: Fri, 04 Jun 2021 22:34:37 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9F4F 344 B
368 B 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Jun 2021 06:55:38 GMT
x-content-type-options: nosniff
server: cafe
age: 68721
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 04 Jun 2021 06:55:38 GMT

GET
H3-29 200 7da1cfc87e9de3403a645020146a5422.js Show response
www.gstatic.com/mysidia/ Frame FD40 7 KB
3 KB 57ms
53ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7da1cfc87e9de3403a645020146a5422.js?tag=client_fast_engine_2019

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf1248f78e9ad948b18a84ed85d2f8299b63b5257e7bb3f76b97bd9baa6becad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:12:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3114
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 00:10:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Sep 2021 13:12:05 GMT

GET
H3-29 200 31b729fb88fa882e4ddd2396f4347c83.js Show response
www.gstatic.com/mysidia/ Frame FD40 9 KB
4 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/31b729fb88fa882e4ddd2396f4347c83.js?tag=pingback

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c35528d112989ddac3e41810014e5329aa55a517f17b7e546080db6465a75e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 03:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 01:51:11 GMT
server: sffe
age: 252371
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4140
x-xss-protection: 0
expires: Mon, 30 Aug 2021 03:54:48 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame FD40 2 KB
531 B 56ms
55ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 00:15:07 GMT
server: ESF
date: Fri, 04 Jun 2021 02:00:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame FD40 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 00:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 00:39:08 GMT

GET
H3-29 200 4147e17d689efe07503085dffe12c699.js Show response
www.gstatic.com/mysidia/ Frame FD40 3 KB
1 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4147e17d689efe07503085dffe12c699.js?tag=analytics_pingback_2019

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45fafce6dae94d7e3f34a89ba7bc05be83abd4e000e5b08688cbcb583383431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 19:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 01:51:11 GMT
server: sffe
age: 196851
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1315
x-xss-protection: 0
expires: Mon, 30 Aug 2021 19:20:08 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame FD40 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7001
x-xss-protection: 0
server: cafe
etag: 17954294202796946299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 01:41:51 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame FD40 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 01:50:55 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD40 121 KB
37 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:00:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame FD40 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:52:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 01:52:21 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FD40 0
0 22ms
21ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSm4OJnzVUJ1LPoEqC96pY-ITthna6HW9D1S_EFIeGLc9c5r_J01LLO-FQrT3lpEaVYxf2V
Requested by: Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 3b821d177d35ff0343c5a517c12ac1c9.js Show response
www.gstatic.com/mysidia/ Frame FD40 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10549
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 00:10:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Sep 2021 13:12:06 GMT

GET
DATA 200
OK truncated
/ Frame 5133 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16b203e6be5e0bb9ddc011e2f93bdf899f96ac24fa4bb0d20d3891e226bd691f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5133 0
0 104ms
53ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhrPJcOaZBsMraWxAX8PlwEiS4W2NwoMTxo6rqmsz7o0mnmVPrnWU5kS9uW4MaG2tSIX9R1kgs79VCKiqo78nhJb3LP1tKjN4qSdoMsKono7Ltwo9rmmm0cltHyOD9GxoaIP_dI9pAALUywclV9XVtqaUQB3Lvcjr5VuuCWUL-OCqKHpWXHMBWPHIkVjq-kAIHPlOZHWuEMvfhsig0fwFKVAnh-BhQUYPpJrBEMpjhcwbZ0TZzupaShVX_GW4_HKCYQKYX1sViEa_y-1Whl5AQx8RXMsMnO_B_22DNTnDfYpj8DXP1P0R7JO_OwWCbqi_1guqA__iqyVhE3q9w7UzgKnA&sig=Cg0ArKJSzOv9hBeo_aouEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 02:01:00 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 25 KB
9 KB 135ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: solution.urekamedia.com
URL: https://solution.urekamedia.com/vnexpress.net/ani-uk-slider-vnexpress.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6ba54b0d518a916eb45f571557bc19a2ec243a2f33fa44ea9976b9ee2304266b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Ux7wIL64mRyN0cK7p9H_w6TJ9lWBynkpvDwPMMboEJZ_E_0okH3XNFOk_4YB0sXwAUEQjUH3wkQsKtaek__joWrT0FQiA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9068
last-modified: Sun, 30 May 2021 09:56:36 GMT
server: UploadServer
etag: "b1f97cca37ab44f0c91e4b974cb0eb16"
vary: Accept-Encoding
x-goog-hash: crc32c=S4NPWg==, md5=sfl8yjerRPDJHkuXTLDrFg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368596875915
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9068
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 02:06:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 374ms
122ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5e63d10e28a0614d2b01395e&cid=5ea26963e792ea55c7264da7&e=playerLoaded&cb=1622772060093
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A140 0
0 76ms
76ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaF_qK16dK0jS58sVWDD5Qnt08m-0LnGwNwIa_yeIn-ZdwuEWKi62jaYTh0RUiu1-3VzdtwkjLkiK8LVoiKQ1-uOuMbkIjnKtsL_BWptqNbz6aW_LeCpYV0yQujE8vVyWOhac2MSJZzY40Krs08scMDiS674zGec-XSfd1NLz3bimfe-TirgZbVPLHQkqZlPh4tPjYtc0TxJQQT20cvBtTDt-4QlaldWHzs7AbR1UTazsJcw12_8M1LfMIY7WhdrlyqwIL9lX68Q0ig4PJ3_A5FSa1Z8SzNOHMLiOzLMEZ4qDdtaijvYrgtBsfvpnmFaJ2zH_oHp0zw_6W&sai=AMfl-YTQjoxXTlUdX8jB1G_nJpfus54HPU-r8GugDJWiE7WgC5bxEf9wePHWhDitjvsk5dUaWa73vc_-Iz7keEZcm6eQ4P78rnusYh3NE7YPg-wjzYz0s2rPEyYk8UQVDB4&sig=Cg0ArKJSzNwhrGue9iVEEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 02:01:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A140 10 KB
8 KB 76ms
49ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12f6f96d79bcdc3c4926f3acab7fc6ac0baa6d30c58310c08d8556a055bb2615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7689
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 67A1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0789f4caa22fe3c39c102d0cba22b16523310c77f14f2e9de365f4f61f588274

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 67A1 20 KB
20 KB 29ms
27ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 23:54:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 180367
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Wed, 01 Jun 2022 23:54:53 GMT

GET
H3-29 200 shopping
encrypted-tbn2.gstatic.com/ Frame FD40 16 KB
16 KB 40ms
11ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS2Yt5fYHIzi0mk7D8vZP2sUgkmyxHHlntRDtn7ijKE4AC0OFw79JZ2uCbeJw&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d11f0c702a9f0b8f681764eca8e98b41d27034eaaf10f6d12de481ebfc5cd37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 02:27:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 02 Apr 2021 01:02:22 GMT
server: sffe
age: 171203
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16204
x-xss-protection: 0
expires: Thu, 02 Jun 2022 02:27:37 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame FD40 17 KB
17 KB 12ms
7ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ16XU0_-Y3JTkXdWD1KUBKjQkp9sHLKENw7vYXG3ZQ_citxAbqdpkITfgjpg&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74b979842d9bb6049f755063f0e2215ba29dadf82e477165ee0fc81495368e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:22:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 11:47:39 GMT
server: sffe
age: 236312
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16967
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:22:28 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame FD40 16 KB
16 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSFc7VsXIUJEpfDwzOpxKafIRHvbYMSznrqtJjW2EaQKROfXQqJ&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b0c06ca3204a0bf76269d925cfce0a352fbe431f437045cbb42f53fdd76aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 01:28:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Oct 2020 08:53:45 GMT
server: sffe
age: 174780
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16733
x-xss-protection: 0
expires: Thu, 02 Jun 2022 01:28:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame FD40 34 KB
34 KB 12ms
7ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRAizIH0P1uOJWo-yJjgNv4TFRbXn-x2HPU6SmnFTa7O2s9ibodB6_on5bOIQ&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5fce10e0443380c6013d29e801d27663abae16fc3bd50afde9c77853456169e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 06:19:10 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 Mar 2021 09:53:31 GMT
server: sffe
age: 243710
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34913
x-xss-protection: 0
expires: Wed, 01 Jun 2022 06:19:10 GMT

GET
H3-29 200 shopping
encrypted-tbn2.gstatic.com/ Frame FD40 36 KB
36 KB 35ms
7ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSsMe5xcucCYbK1iKF8doU9JHwwr022m5bP0CcQV6tOXbg1pywdZYAwog-vrA&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

652bb335df1e33ff4fd0b6074178418269034187f2a32af8b0420d1e116e53cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 01:53:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Dec 2020 01:20:42 GMT
server: sffe
age: 173247
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36865
x-xss-protection: 0
expires: Thu, 02 Jun 2022 01:53:33 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame FD40 49 KB
49 KB 12ms
8ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRphuLMEoogrO62mirrdUy5nBwQShVEG7H21V13LwZjFro7ydw&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8c2704c1eb432ddd45ecf302b32b2a751d52cd11ca09e929146d7b5b4b20ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:42:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Dec 2020 01:40:45 GMT
server: sffe
age: 130695
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49704
x-xss-protection: 0
expires: Thu, 02 Jun 2022 13:42:45 GMT

GET
H3-29 200 shopping
encrypted-tbn2.gstatic.com/ Frame FD40 11 KB
11 KB 40ms
12ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQgNEL9VM26fLyb9Q9Hc1HD2VUe2pVVYDPEmZoMy5LnzcJQI8yYX3eWkfW2jPI&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

defa7ae751a2f1290038f323467789b9a1e945922b7a0d90132ee0ecdf3898af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 07:28:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Jul 2020 02:28:20 GMT
server: sffe
age: 239561
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11289
x-xss-protection: 0
expires: Wed, 01 Jun 2022 07:28:19 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame FD40 15 KB
15 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTH3YGuLaXvvmflM5Nyn5iMVfqZzGmKyviJ9gdDGgVEjxDkOITFm2E_AXFc8Ek&usqp=CAI

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaf07343ef9dcfdee52dfb633e8fb3deac8acbbbc662bc224fe33700e1e5029e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 09:27:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 07:47:24 GMT
server: sffe
age: 232420
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14982
x-xss-protection: 0
expires: Wed, 01 Jun 2022 09:27:20 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FD40 0
0 57ms
56ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCUURW4m5YMLyBJG4gAevqaLQD7XNgs1irrbGxLwNvLnZ-ZINEAEgx8efI2CV-vCBjAegAaXjhdkDyAEJ4AIAqAMByAPLBKoE4AFP0AmZ76G_2zV2H6DaqSJSl41DWBh3XcELhjhX9VcLXVrtxfnDCyGPF1d2fq6re7OIE7uXS6vypjVUadXgmMJs0fLQcgTiehm1inpmVFPK5ZWWVO1F65kWKic-gC6mBVxlGYuhhiWTmdLXwFIzuqsAE8GdFh9knQ2C3MSWtg0Ic7LvVDeHZpAujClXC7baDBn1axsgMD9D4t6iDFFaoA9Ny9cj3WMW415hvtPxn2TLZAgSptIybJllDVjynoR5QoMz1hXfJJ6obwzcfJ49p93HN0A4r0fHyefxabjixsnpYcAEmr2AgMAD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_qOqGqoB4qcsQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcDEPAu0ggJCIDhgHAQARgdgAoDyAsB2BMO0BUBgBcBshcaChgIABIUcHViLTE0ODEwMTk3NTQxODQ5NTU&sigh=6rTc1XFJYYY&template_id=494
Requested by: Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A140 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:00 GMT

GET
DATA 200
OK truncated
/ Frame FD40 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4de22a5d521718837004cdc0d570b54356517dc851c85f226a42194627c829c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 110 B
886 B 223ms
222ms XHR
application/json 111.65.249.227
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_aid=d4m74kwhd97ui1st.1622772057.des&orig_aid=d4m74kwhd97ui1st.1622772057.des&myvne_user_id=0
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.227 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 179eb59a05741f19c91f25c503fbb3d6927c82424a63afce8e04d49422f14690

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Jun 2021 09:01:00 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 431C 338 KB
96 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 81309cd747361ca3e364f13173e7f29b533febe65d486ec2fb630e9e2377c073

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uw2flfV9f9HbNB50711uyEU_YZXDyQY4LTeeElNnhXkaRegBxRI8D28MbGB1fT-Zwdi9aODFhtEcshMPhzJK7duw84XVA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 97849
last-modified: Sun, 30 May 2021 09:55:50 GMT
server: UploadServer
etag: "d682e3f833c30ce1545dcf578221f62a"
vary: Accept-Encoding
x-goog-hash: crc32c=/tJbYg==, md5=1oLj+DPDDOFUXc9XgiH2Kg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368550134728
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 97849
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 02:06:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD40 0
20 B 54ms
27ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QAyEAAAAAAKiCQDAECg0QCiEAAAAAAAAvQDAECg0QDSEAAAAAAAAAADAECg0QHioHMzQweDYwMDAECg0QGSoHMzQweDYwMDAECg0QDiEAAAAAAAAAADAECg0QECEAAAAAAHqoQDAECg0QESEAAAAAAMnIQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QBCEAAACamS2DQDAECg0QDyEAAAAAAAAAADAECg0QFCEAAAAAgNLJQDAECg0QFSEAAAAAAAAcQDAECg0QFiEAAAAAAAAQQDAECg0QBSEAAAAAADCDQDAECg0QFyEAAABmZhqFQDAEEhpDSUtNaUlIeF9QQUNGUkVjNEFvZHI1UUktZyISZ3BhL21heGltYWxfdjFfb2NoKAw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/31b729fb88fa882e4ddd2396f4347c83.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame FD40 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 23:54:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
age: 180367
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Wed, 01 Jun 2022 23:54:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0F8F 12 KB
5 KB 11ms
10ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 03 Jun 2021 23:40:57 GMT
expires: Fri, 03 Jun 2022 23:40:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8403
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 76CA 783 B
532 B 31ms
30ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbdcdb280e6b8e7fbf5221ee29740aa7014e17e2958cb0e6ca1b362aaecbed38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xI6sXqte3zLr0B2mkvv+Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

expires: Fri, 04 Jun 2021 02:01:00 GMT
date: Fri, 04 Jun 2021 02:01:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-xI6sXqte3zLr0B2mkvv+Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 60E5 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js

Requested by

Host: 8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
URL: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 19:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
age: 198035
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0
expires: Wed, 01 Jun 2022 19:00:25 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 139ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e63d10e28a0614d2b01395e&cid=5ea26963e792ea55c7264da7&e=inventory&vi=100&cb=1622772060483
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD40 0
20 B 27ms
27ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QGCEAAABmZuaGQDAEEhpDSUtNaUlIeF9QQUNGUkVjNEFvZHI1UUktZyISZ3BhL21heGltYWxfdjFfb2NoKAw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/31b729fb88fa882e4ddd2396f4347c83.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js Show response
bd.urekamedia.com/publishers/code/vnexpress.net/ 1 KB
838 B 15ms
13ms Script
application/javascript 2606:4700:3030::ac43:a1fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 30394
cf-polished: origSize=1072
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7659a96000004e4f8d185000000001
last-modified: Wed, 12 Aug 2020 08:34:21 GMT
server: cloudflare
etag: W/"5f33a98d-430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PcPrxUbEHzd1kcCxiF7znvYVjwg1vWJRYqO6qtN1VpHAjNwk0JIIvFIPYL65urfXS8MJ7eRB2bnMCG1gFxDDF5lrjX6exSNPPQDAQTIvnZlyZtJiPxVQXcsSZMnAZu82uOt1hgXVVs5YiDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 659d92223ad04e4f-FRA
expires: Sat, 03 Jul 2021 17:34:26 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 28 KB
5 KB 683ms
443ms XHR
application/json 35.171.145.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&AV_CHANNELID=5ea26963e792ea55c7264da7&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=60483&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1622772060515
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-49.compute-1.amazonaws.com
Software: /
Resource Hash: f862ae973799aed4a7332794809feb0046b5bb1847f9423fcfdf37bad77a7ff2

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 23 May 2021 12:14:21 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5B2E 62 KB
21 KB 55ms
55ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bd.urekamedia.com
URL: https://bd.urekamedia.com/publishers/code/vnexpress.net/Ureka_Supply_vnexpress.net_Slider_passback_Aniview.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "892 / 850 of 1000 / last-modified: 1622758190"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:00 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F8F 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 23:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 23:40:26 GMT

GET
H3-29 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5B2E 311 KB
109 KB 58ms
52ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A140 0
20 B 30ms
28ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3912935619714696&bg=!Tk2lTQnNAAY6sG-_OrA7ACkAdvg8Wukb9PUYc8281dOaxnkKHD-K07aZxDX2Nr3xDP4_5PKiuxTIbgIAAACNUgAAAA1oAQcKAGE-PKjxVzWmo9TsEPCrMfEK_CcPiDV7sevd8M5k44_zqyuLiW0yW3QPSRERw-_O7rEIqv6fi-Rigw-h3Glc4ypUWp6HAqM91_y_ESchbkX87upvgnQbpcHpDIvwvjVkthfKmQJULGE4bXLsMnT9GtAkZDBUhR_dOEGGx1Qc9H8QklI0SMC8OExo-J862aK2yBsE7u3SdjGclYftKTttMIr4TMCUvhMC9PdQTEUYqIQ-7nfdUrY8v5_ldoY-oUcqdER4RvIzf9l9hR91ARCvyEKU-Cnr0idWJwCwMUslSZHfN2ev5Oyw5F3y90e5u6G3bfolaP2_EGL0MCCn8hYSRIbQo3mSLMf3u5zaAVyLymR_GpNVMffroD3k_0lBMsR0OTL-EHEmeTFh6KyZRt0943uO-Hjj89hZrZGtQWNeKB7t4AggBCg5ZILO2dBMjztnVrUoKN8jn9WRhPiq2qk887KgeHTyAQvqHwhD1Fi6qOYdRBolS3Nh-k9Ta3Rv5Sz-xBjR9NGVUhCAmqXWwd1UArDOEiBDowZbPXbl_01hkbI9jewSOa7-jVIaCaEEMpXLo1hzRa4WkfL029KRC4QPtrDFRwqLuAyZrgWlfrAxil6EPbQCUaGDneOk6InwhTsgR1E2TH4IeA6-zcxZCUzCB6NUVzEF8zl6iQ0185H78mxTqh7CNmbO6t07-BsjfWztafvWUB8x38Dpkmz-LYKHiq0pJdM1E2utakYQysZQcRDTuhTm0e-ApKS3izAqzRhjVfkcfvazJniUOZhhgqhIQ_7OAWCyhzoyc6yyVV9W5HK-OrsoTlPvYNRR76Aptow_xUp3DTH5SM686E5cvADzNTH3HiNP1XwQOSa5_1jSBq8du-Q5FCxlu53iEIVaaUxzIsTt_wDd7FqWS-XGIcaJ7ZEHheO_SrsLmes

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5B2E 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5B2E 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5B2E 7 KB
4 KB 80ms
79ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4253478798172150&correlator=2186498441145165&output=ldjh&impl=fif&eid=31061161%2C44741899%2C44743689&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=2627062%2Can.passback_ov.vnexpress.net_SliderPC_240420&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&cdm=vnexpress.net&bc=31&abxe=1&lmt=1622772060&dt=1622772060853&dlt=1622772060618&idt=225&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=984466752&ucis=sx37q13dagle&ifi=1&ifk=901199412&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fvnexpress.net%2F&top=https%3A%2F%2Fvnexpress.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x-1&ga_vid=905581655.1622772061&ga_sid=1622772061&ga_hid=1411494551&ga_fc=false&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

fc4bd29fa52db20b2dbb9d2675d00d98d5d3965fb5dcc333dda4d23b3c8c07ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3929
x-xss-protection: 0
google-lineitem-id: 5416437550
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316342509
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6a5f99c19352bb293dfbeba2e59e3d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B2E 0
0 91ms
27ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6a5f99c19352bb293dfbeba2e59e3d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 47CC 0
0 56ms
55ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHr7vhFWmfJQK6an6Q2srYJDdy4r8GhRE8FMTf3JgatT9G5zC7YuKqUBaj9a5WIWZ8u29q4D2ZtYSifobP2TGTE476WinuM-MhBXzKvS_aA3qEDxxvFbC48SUmlpvDKSk4bERazlvNMJ22SIDUFUbq6St5SCftPljkaUBN9SnKqpeyHSlKd-jjriTnG9Fs4T9AaR6Ci7lqgJfSrc__U4qwG0qwGTZdq0TxSUHOVa5EokLerJyhNgv9R9XDzO340mKsMQqLdy_HoFr5kgCuKFQH9S7kONY3W9mIogMXZY2Hc2mPo1DFycydBtSMJlLeq2Rj0AYZLJGuQMPrkg&sig=Cg0ArKJSzGbjuDRFF8BvEAE&urlfix=1&adurl=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 ani-uk-slider-vnexpress.net-avantis.js Show response
solution.urekamedia.com/vnexpress.net/avantis/ 5 KB
3 KB 28ms
17ms Script
application/javascript 2606:4700:3030::ac43:a1fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://solution.urekamedia.com/vnexpress.net/avantis/ani-uk-slider-vnexpress.net-avantis.js
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448bbb82769ac61ff51ab6584fce6baf1cd44e60927c21a35106b2fb8c48475b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1599
cf-polished: origSize=9754
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7659ab1a00004e1494ad9000000001
last-modified: Mon, 12 Apr 2021 08:30:38 GMT
server: cloudflare
etag: W/"261a-5bfc254092780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BlPBxotkvxijwJawyTfd5DTiM55wvgqzQWlrQ3z4VEgiCOFH3g%2Fa6c5xpLyIxBr4WFvp%2BjcZid9mfrwXPaqA%2B7qw0A98y1%2BEN25ivBMK%2FBVEEDRlE0ybqyq%2FGpRJhwMcBNHjbjribVKew8Vxx15J1ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 659d9224ff364e14-FRA
cf-bgj: minify

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47CC 121 KB
37 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656031336809"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37735
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:00 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B2E 73 KB
27 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622656037121142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5B2E 10 KB
8 KB 34ms
34ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ff9ae43607c6d9dea5f78955fdb7371eb44017ea614f06c3e79ae2dd0727d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&e=playerLoaded&cb=1622772060980
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame DB10 338 KB
96 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 81309cd747361ca3e364f13173e7f29b533febe65d486ec2fb630e9e2377c073

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:00 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uw2flfV9f9HbNB50711uyEU_YZXDyQY4LTeeElNnhXkaRegBxRI8D28MbGB1fT-Zwdi9aODFhtEcshMPhzJK7duw84XVA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 97849
last-modified: Sun, 30 May 2021 09:55:50 GMT
server: UploadServer
etag: "d682e3f833c30ce1545dcf578221f62a"
vary: Accept-Encoding
x-goog-hash: crc32c=/tJbYg==, md5=1oLj+DPDDOFUXc9XgiH2Kg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368550134728
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 97849
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 02:06:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B2E 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 47CC 0
0 54ms
53ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9A0ifKEev4YgcDuagtiFaR98rBBM-ZGgBNbiASoOOkh9lznDzj61xvdI3wWFtMOCdZzymHh-o2Bcr2Ab4OrPW88qvFUIez1wVrdGC7Umr9Fw_HvkGBDZ5FgyNAdLGhanAew9vISQ-NWGsx77pa8mUMJ3BJzGqBsDIdxq0o5rMa9sINCyEiwG5p0EnWdn8qhAMoNsgehiMTNgeUOPEb8hN-JXGH0IIin-rrilPX6rE1zi5hFTy3agTL9IzqqzC08I9HCRzgjS45mlbKEyVEO9CNtZDp5_0Tptx9q1H2NrvCeCUCJd467orpZNfVsAA6tlFlHXObWotp7wudjzx&sig=Cg0ArKJSzLY1dPkO7UB-EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 04 Jun 2021 02:01:01 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B3F7 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 03 Jun 2021 23:40:57 GMT
expires: Fri, 03 Jun 2022 23:40:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8404
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C2B8 783 B
531 B 30ms
30ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d395ee2e916086cf5f43cc4b48c1c56e20d528d829acdc936299054033dcd118

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mmpU7tQCEtE39xdbC0BFlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

expires: Fri, 04 Jun 2021 02:01:01 GMT
date: Fri, 04 Jun 2021 02:01:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mmpU7tQCEtE39xdbC0BFlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=vnexpress.net&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5d81ec9228a0610a0033fe67&cid=5d81ed7928a06164620898f0&e=inventory&vi=100&cb=1622772061058
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 18 KB
3 KB 125ms
125ms XHR
application/json 35.171.145.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&AV_CHANNELID=5d81ed7928a06164620898f0&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=61057&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1622772061083
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-49.compute-1.amazonaws.com
Software: /
Resource Hash: 88ba1ec1c35d45569dd9802acf2c5b3a59423df4e8a04c705fd2118e986f55bd

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 23 May 2021 12:14:21 GMT

GET
H/1.1 200
OK Ureka-png--white.png
dmp.urekamedia.com/ 23 KB
24 KB 1959ms
770ms Image
image/png 125.212.217.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.urekamedia.com/Ureka-png--white.png
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.217.46 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.10.2 /
Resource Hash: 52c93e3062d05ac961d93f0dcb33e826673778109ee29bb1c3ec82e3ccddcde3

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
Last-Modified: Tue, 08 Sep 2020 14:23:45 GMT
Server: nginx/1.10.2
ETag: "5f5793f1-5de9"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24041
Expires: Sun, 04 Jul 2021 02:01:02 GMT

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame B3F7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 23:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 23:40:26 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame D021
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D22%26key%3D%7BPUB_USE...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D22%26key%3D%7BP...
https://sync.aniview.com/cookiesyncendpoint?auid=1622772060819-969018789622-028301-005-006512&biddername=22&key=2017cd17-d340-4b54-b804-a6f3b89da7a9

0
238 B

361ms
120ms

Document
text/plain

35.170.116.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1622772060819-969018789622-028301-005-006512&biddername=22&key=2017cd17-d340-4b54-b804-a6f3b89da7a9
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.116.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-116-13.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1622772060819-969018789622-028301-005-006512&biddername=22&key=2017cd17-d340-4b54-b804-a6f3b89da7a9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1622772061149-967215516622-008534-012-006671
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-length: 0
set-cookie: 2_C_22=2017cd17-d340-4b54-b804-a6f3b89da7a9; Path=/; Domain=aniview.com; Expires=Sat, 05 Jun 2021 02:01:01 GMT; Secure; SameSite=None 2_C_22=2017cd17-d340-4b54-b804-a6f3b89da7a9; Path=/; Expires=Sat, 05 Jun 2021 02:01:01 GMT; Secure; SameSite=None

Redirect headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-type: text/plain
content-length: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1622772060819-969018789622-028301-005-006512&biddername=22&key=2017cd17-d340-4b54-b804-a6f3b89da7a9
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 sync
pixel.advertising.com/ups/58246/ Frame 4C91 0
0 101ms
32ms Document
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.advertising.com
:scheme: https
:path: /ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000

GET
H2 204 services
sync.technoratimedia.com/ Frame 27B7 0
0 364ms
120ms Document
text/plain 150.136.156.92
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1622772060819-969018789622-028301-005-006512&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: sync.technoratimedia.com
:scheme: https
:path: /services?srv=cs&pid=70&uid=1622772060819-969018789622-028301-005-006512&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D3%26key%3D%5BUSER_ID%5D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:01 GMT
set-cookie: tads_uid=GDPR; Max-Age=157680000; Expires=Wed, 03 Jun 2026 02:01:01 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin: https://vnexpress.net/
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 785655554
age: 0
via: 1.1 varnish

GET
H/1.1 200
OK Cookie set us Show response
sync.go.sonobi.com/ Frame 3EB4 0
474 B 146ms
35ms Document
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D60%26key%3D%5BUID%5D

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Date: Fri, 04 Jun 2021 02:01:01 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YLmJY; path=/; domain=.go.sonobi.com

GET
H/1.1 404
Not Found Cookie set uc.html Show response
sync.go.sonobi.com/ Frame D411 571 B
421 B 146ms
35ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.go.sonobi.com/uc.html?pubid=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ams-1-sync.go.sonobi.com
Software: sonobi-go /
Resource Hash: 7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Date: Fri, 04 Jun 2021 02:01:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YLmJY; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame F16E 3 KB
1 KB 98ms
31ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

514d9a42497314d8f7ce718a13459f57d3a65869023fc978201d53b0ccd1ea2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=Ep32HRy8vmDenFTCkp1ifo6P6dn16E7PYggIRmlff2g; path=/; expires=Sun, 04 Jun 2023 02:01:01; domain=onetag-sys.com; SameSite=None; Secure
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BE31 8 KB
3 KB 99ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D1%26key%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=86746
expires: Sat, 05 Jun 2021 02:06:47 GMT
date: Fri, 04 Jun 2021 02:01:01 GMT
vary: Accept-Encoding

GET rmpssp
sync.1rx.io/usersync2/ Frame BAF6 0
0

GET
H/1.1 200
OK user_sync Show response
rtb.gamoshi.io/ Frame CBD1 42 B
321 B 404ms
131ms Document
image/gif 13.58.174.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.58.174.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-58-174-102.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host: rtb.gamoshi.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Date: Fri, 04 Jun 2021 02:01:01 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
x-gcontroller-pod: gcontroller-stable-6b74cf655d-9mxdm
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
content-encoding: identity

GET vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 0
0

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ 27 B
1 KB 142ms
38ms XHR
application/xml 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=20544214&cbb=2772061223

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:01 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.138:80
AN-X-Request-Uuid: f7cb651b-9905-4c24-b49a-ca39983d742c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 0SzYvAqqJfH4Pvhp5l0RGQ== Show response
ads.adaptv.advertising.com/a/h/ 3 KB
1 KB 153ms
34ms XHR
text/xml 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=2772061224&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=196.240.57.164&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=52.46350&lon=13.37920&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

f0f5c51e90ebb613731aac48a4d44a624aa2f0c9cc140b08c2da6a774bfecaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1071
expires: 0

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 431C 265 KB
84 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f5e7fd2bfca920e7b07f4d5e62d28dc83d793c49bfff13bc0bbf17ce2873018

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UyFy-H7HpEmGAXmZv9Zt3n-D4BS6zweHh3ZRgZkP1nggZ7RPkqZmO7WA5jZfYH80kwAcvHpXMpLEEuGhjbq5JE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 85371
last-modified: Sun, 30 May 2021 09:54:49 GMT
server: UploadServer
etag: "5df9d6652e64786c5b87e1afaea66915"
vary: Accept-Encoding
x-goog-hash: crc32c=xIkkeg==, md5=XfnWZS5keGxbh+GvrqZpFQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368489825952
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 85371
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 02:06:01 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622772061226&asid=603f38f09b9e2133d66bc06b%2C5f0e87a3db73b9083a397ae5%2C603f3845a58ab3069815987b%2C5fb766e909e8a7781132bf27%2C60506bdaaf1c271e961fe515%2C6050a53041a04e37862d1575%2C603f39fdf8b9bb72a801f4d4&ofpr=1%2C%2C1%2C3%2C%2C1.5%2C1&fpo=%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=request&cb=1622772061226&asid=60802fa7bda96b4f7761daec%2C60938ff57621683c2c6776a3%2C5f4f9c3d23b3f315675708b0%2C5e5e346c28a0613c6a54f5b4&ofpr=%2C%2C0.5%2C&fpo=%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 3DDA
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772061149-967215516622-008534-012-006671%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1622772061149-967215516622-008534-012-006671%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1622772061149-967215516622-008534-012-006671&biddername=55&key=141772676130393054

0
213 B

326ms
119ms

Document
text/plain

35.170.116.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1622772061149-967215516622-008534-012-006671&biddername=55&key=141772676130393054
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.116.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-116-13.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1622772061149-967215516622-008534-012-006671&biddername=55&key=141772676130393054
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1622772061149-967215516622-008534-012-006671
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-length: 0
set-cookie: 2_C_55=141772676130393054; Path=/; Domain=aniview.com; Expires=Sat, 05 Jun 2021 02:01:01 GMT; Secure; SameSite=None 2_C_55=141772676130393054; Path=/; Expires=Sat, 05 Jun 2021 02:01:01 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Fri, 04 Jun 2021 02:01:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1622772061149-967215516622-008534-012-006671&biddername=55&key=141772676130393054
AN-X-Request-Uuid: 9184191a-c865-4567-8c8a-3b1b4d8d56c4
Set-Cookie: uuid2=141772676130393054; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Sep-2021 02:01:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.48:80

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 45ms
44ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772061266

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:01 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.41:80
AN-X-Request-Uuid: 4aae624b-9def-40e5-bc7c-e9b980f8a12c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 87ms
42ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772061267

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:01 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid: a002da35-1993-48f9-bae2-09cd4322030a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame DB10 265 KB
84 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f5e7fd2bfca920e7b07f4d5e62d28dc83d793c49bfff13bc0bbf17ce2873018

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UyFy-H7HpEmGAXmZv9Zt3n-D4BS6zweHh3ZRgZkP1nggZ7RPkqZmO7WA5jZfYH80kwAcvHpXMpLEEuGhjbq5JE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 85371
last-modified: Sun, 30 May 2021 09:54:49 GMT
server: UploadServer
etag: "5df9d6652e64786c5b87e1afaea66915"
vary: Accept-Encoding
x-goog-hash: crc32c=xIkkeg==, md5=XfnWZS5keGxbh+GvrqZpFQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368489825952
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 85371
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 02:06:01 GMT

GET
H2 200 avpb3a1.js Show response
player.aniview.com/script/6.1/ Frame DB10 52 KB
17 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 489a4bc87a34468a78ae982263ae283b8c38ba1c69701936652e89332cab50f0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwcKNy_T5kTEU2YUqAcupedBc1UBQMLSQtX9Kfa6KwacJRnrVTjb7LqAa9WM_VuEtOaU8CVzpuI0xqPNaFzyUTXBgJ-gg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 16863
last-modified: Sun, 30 May 2021 09:55:24 GMT
server: UploadServer
etag: "7b61d3f639c4e4919659c1f44b40175f"
vary: Accept-Encoding
x-goog-hash: crc32c=1q7YmA==, md5=e2HT9jnE5JGWWcH0S0AXXw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1622368524433287
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 16863
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 04 Jun 2021 02:06:01 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772061269&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9F4F 42 B
64 B 178ms
178ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuC1UXRCWAORt-ysup3p2OXmfZ6iYcrwQvv-hTJ1Sc2ByDqBg1mmjae7TnzL5opnuSnLnmyJj0T41RM3OX468a-mT5KxLTlTs-OcaREkvDi5bswFWzuuUPkhmahyg&sai=AMfl-YSbi5Y3-k_vuCreAp9SNXQjcHwGQ-4U-HU2FstjrBXHp_bl3v9x64sNwROjU_BHBj_ELtbC5uq9H05cAheEPs5Pf_EO0jtsOB90Ixt6oeBq6a5QgrG4n7925npxkDM&sig=Cg0ArKJSzBiFsMPl-qoGEAE&cid=CAASPeRoMxlznSSjndqYnMD1ZaDuwZcLe98rh0nEgzt4ltpqT9z5Cr3ZFiGL1Ix47HjYv7MP5HiTMBEkIDcxeFk&id=ampim&o=1050,391&d=300,500&ss=1600,1200&bs=1600,1200&mcvt=1070&mtos=0,0,1070,1070,1070&tos=0,0,1070,0,0&tfs=353&tls=1423&g=100&h=100&tt=1423&r=v&avms=ampa&adk=1680299014

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 178ms
92ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 229f44de90bd40b9a749b0843eccf5d3a941ae77f80edfd28ca06ce24faef165

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 199ms
114ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f81f9a0f42f6075c6441391c0f4836a6bd0338e864207586b5cb0ddb76df461f

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 43ms
43ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

55b51af344219b7d1b0813b886d1eb2cbcd1caae2abb1d735050fe2e35ae7313

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:01 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.168:80
AN-X-Request-Uuid: 22c194d9-7bf6-42ca-97e6-0d4df2bda754
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 189ms
107ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38bee29d3b11bfdcfbd9e82a3c07af13d601671065c1206788f0bf8b76f63ec0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST mvo
tag.1rx.io/rmp/211377/0/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 44ms
44ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

30171987564e142125ac9af58ed43a651a77d07fc90d47f462105811b4863792

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:01 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.44:80
AN-X-Request-Uuid: ace1cddc-20e1-490b-aa46-fab0f6d9871f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 135ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:01 GMT
X-SpotX-Timing-Transform: 0.000318
X-SpotX-Timing-SpotMarket: 0.004980
X-SpotX-Timing-Page-Mux: 0.000947
X-SpotX-Timing-Page-Require: 0.000290
X-fe: 008
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000013
X-SpotX-Timing-Page: 0.008941
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000289
Last-Modified: Fri, 04 Jun 2021 02:01:01 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004980
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002089
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 61ms
60ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 122ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 142ms
44ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:01 GMT
X-SpotX-Timing-Transform: 0.000285
X-SpotX-Timing-SpotMarket: 0.005777
X-SpotX-Timing-Page-Mux: 0.001041
X-SpotX-Timing-Page-Require: 0.000393
X-fe: 046
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.010260
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000443
Last-Modified: Fri, 04 Jun 2021 02:01:01 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005777
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002305
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 183ms
118ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d4b62b3ba022e4982d1669e1c929e9c0edb1d07b38626116a85930eefff59342

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 209ms
145ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6e9ba83b2bd5084c4abd482e0f02a87263a5eda40fd28039a9fa5184ca9cf06e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
447 B 178ms
99ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTVjOTZlMmFmLTE4NjAtNDVmNC1iZTdkLTg5YzE5YmQxMzZmYg%3D%3D&pt=net&stid=abb7be09-9fc7-427a-b7a6-886deec35a25&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 67A1 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6k8NDIu_tWkhckDf1Tm36RKO9sS6ZSdSGrT5a_Xn55DGhoHiEoBogmiI5iprTLs5IobE8PmNzE-1tEFtp-pzlZtuDRWISReUIa2Ogl9XdHpUplnBomywxd0nG3w&sai=AMfl-YScv_JSC_SHEfZ4dSChIUAzTl5cR3c2atH0JJlSUOm3MEKOl6NpehiAcGrzzlq8P5FgM9KkxeHq6NRTMV0BeqEYpLSrGZMiBY3Vu51Q02h8yTxFUQmOe-vZ0-h6pWo&sig=Cg0ArKJSzCvdBH6Q0wYxEAE&cid=CAASPeRojrzadK93WQEdVteeqpZXjP7Kqeb7NW5vwVD3ix_N5cg9fn14x6Z0nexpyIDaPJg45-oUxqjeSgoVuj8&id=lidar2&mcvt=1039&p=10,0,260,1600&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1832943895&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622772059523&dlt=209&rpt=42&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

fd6260b9-895d-4c00-b58f-aab0a8711566
onetag-sys.com/sync/i,1/ Frame F16E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/fd6260b9-895d-4c00-b58f-aab0a8711566

0
290 B

33ms
32ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,1/fd6260b9-895d-4c00-b58f-aab0a8711566

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Fri, 04 Jun 2021 02:00:53 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/sync/i,1/fd6260b9-895d-4c00-b58f-aab0a8711566
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 02:00:52 GMT

GET
H2

200

KPHOL4K3-6-43Q0
onetag-sys.com/sync/i,2/ Frame F16E
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
https://onetag-sys.com/sync/i,2/KPHOL4K3-6-43Q0

0
290 B

32ms
31ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,2/KPHOL4K3-6-43Q0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://onetag-sys.com/sync/i,2/KPHOL4K3-6-43Q0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H2

200

6354053604714367167
onetag-sys.com/sync/i,34/ Frame F16E
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=Ep32HRy8vmDenFTCkp1ifo6P6dn16E7PYggIRmlff2g
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=Ep32HRy8vmDenFTCkp1ifo6P6dn16E7PYggIRmlff2g
https://onetag-sys.com/sync/i,34/6354053604714367167

0
290 B

31ms
31ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,34/6354053604714367167

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
server: nginx
location: https://onetag-sys.com/sync/i,34/6354053604714367167
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame F16E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1
https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEH2_Y509hE0V7WPP8_xG12w&google_cver=1

0
290 B

31ms
31ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEH2_Y509hE0V7WPP8_xG12w&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEH2_Y509hE0V7WPP8_xG12w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame F16E 42 B
773 B 1304ms
32ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Ep32HRy8vmDenFTCkp1ifo6P6dn16E7PYggIRmlff2g
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2 204 sync
pixel.advertising.com/ups/58198/ Frame F16E 0
124 B 34ms
32ms Image
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame F16E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=536177cc-28b9-47af-b08e-8f615acda350&ttl=1625364062

43 B
375 B

32ms
31ms

Image
image/gif

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=536177cc-28b9-47af-b08e-8f615acda350&ttl=1625364062

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=536177cc-28b9-47af-b08e-8f615acda350&ttl=1625364062
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H2

200

/
onetag-sys.com/match/ Frame F16E
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://x.bidswitch.net/ul_cb/sync?ssp=onetag
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Donetag%26bsw_param%3D83dde611-02a5-4b36-a4b1-09a1d2cfc8b0...
https://x.bidswitch.net/sync?dsp_id=80&user_id=fd6260b9-895d-4c00-b58f-aab0a8711566&expires=30&ssp=onetag&bsw_param=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=
https://onetag-sys.com/match/?int_id=30&uid=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=&us_privacy=

0
291 B

32ms
31ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 04 Jun 2021 02:01:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cookiesyncendpoint
sync.aniview.com/ Frame F16E 0
253 B 291ms
120ms Image
text/plain 35.170.116.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=59c9148628a0612da3689288&key=Ep32HRy8vmDenFTCkp1ifo6P6dn16E7PYggIRmlff2g
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.116.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-116-13.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-length: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 54ED 38 KB
14 KB 32ms
31ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D1%26key%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157742&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D1%26key%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=136623
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 02:01:01 GMT
vary: Accept-Encoding

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B2E 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=4253478798172150&bg=!yMuly4_NAAY6sG-_OrA7ACkAdvg8WpURvsf5_A11DaQfG8hcezmDt__lw5fRkf9Z_KPs1-kdWSdHAQIAAADaUgAAACNoAQcKAHuCHgTWwG1pYCwNOLu87RCZ3IGw-hyj9QIDAMtMWEZU1AQd5WzRScDGuH6TCB0ss5miWTy_NZBeVqTa6ktADLwLs5di2tLvuEZYaYdXBJyat3wBgpl0UuMJ9ZGpleWqILTtQZD6AUlQ1de2khWEtBpzNqDV_gp5hWiTUwuZAlPfilrj4Vm4aODxVbg4VT192mYxiOeB7587LUd9KcA5b0gvkbyUp8Oeij-0s_fFf-qXmol_FYkiqcaU50kqfbvTxw44-Mb-YHsY4RbCktwTRqD-pLWw_MPINX2qwRGanPFvPEuTL_05Xpkrrhh-kGI7lcD-3hq70GFQaqnFjh0ULIJFbuchbRxx55JnY4KbS6590VXyGrJRmOygRYeGtTRLDs00_l2u_he5aTzvTB1KcxyS3otyaAta7XFSOlF2VIOmSDHp050cSXV8sOftn7AQ3j0VuKa8jWn_GamNgKBBexdDJElIxX4sWsyL3x-IZDiKbrG4qClZl91v3D7qTthALDBQ_NZJ17NpvHP4S-wWABTaYYSQwVypIsHWRfL-J8gkOvL2Tibs-Hyo9-EtLAyySRHTpH21xy8Ug827y84OzCnCpjqUQaJHH9UL2AmlDuGA3D8nlYhpolCcXqBoPKZ-08uRqLq7vRssjck-bHWuhSE9N-gt09ipxDUWVcQ24tLoOtPp5UH55bSEYACC7V7LTgtRpkS18lr3TeZyDdq0EShGL9zyBliGUE1_HKkag9DwcH7hZ-OlKBh1OzN12UNe8Gscb-lhXuyfL_La5J_hhm5OoUN6ZAmEdXbp2xPvAKEkrzQ9pyD1dVavmbkuaffuRrxWdNvMQkF_Cg9Vehvc1vVGVIJxUe7uUmxnD_KVUMpJ7bwvwBmb-6b-d33B_s6kuOhjMLFvGSGcpcvJ_S1gMvtnfCVjwaFDIJ9jSomLyrC7AQ_kbxICoV7d1jfzrIINh3nl

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 54ED 0
42 B 349ms
33ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96804868&p=157742&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772061599&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D863 338 KB
116 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:01 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A75B 338 KB
116 KB 70ms
35ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:01 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F9A6 575 KB
188 KB 33ms
7ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101081
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D863 44 KB
17 KB 63ms
30ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:01 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D863 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 300D 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101081
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A75B 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:01 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A75B 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D73D 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6C80 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F9A6 156 B
377 B 211ms
210ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1768505268742761&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2183157649&sdk_apis=2%2C8&sid=DF26DFBE-A2D4-4C01-95AD-00315925A732&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772062020&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=1474433683481440&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 300D 156 B
185 B 246ms
246ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1394393141856410&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3587609979&sdk_apis=2%2C8&sid=4CA1F9C9-BAFC-454B-BFE5-823B991761CC&eid=44731467&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772062036&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=3517104284107642&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 8CE8
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
749 B

51ms
48ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: ba91f081d4c70ee96086d00a05bf4e9425135d5d1a634bc70c5c46ce00ae3b13

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=0f6e4d30-7927-4bd9-99a5-62e941f99740|1622772062
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=0f6e4d30-7927-4bd9-99a5-62e941f99740|1622772062; Version=1; Expires=Sat, 04-Jun-2022 02:01:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622772062|gekin0vNiygu; Version=1; Expires=Sat, 19-Jun-2021 02:01:02 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 04 Jun 2021 02:01:02 GMT
content-type: text/html
content-length: 416
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=0f6e4d30-7927-4bd9-99a5-62e941f99740|1622772062; Version=1; Expires=Sat, 04-Jun-2022 02:01:02 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Fri, 04 Jun 2021 02:01:02 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C014 38 KB
14 KB 32ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=136622
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 02:01:02 GMT
vary: Accept-Encoding

GET
H2

200

index.html Show response
ads.adpone.com/ Frame D875
Redirect Chain

https://eu-ads.adpone.com/
https://ads.adpone.com/index.html

2 KB
1 KB

143ms
134ms

Document
text/html

2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adpone.com/index.html
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47f377c3555535581c28d43c044f2b5395b53273142b865b7f1e1fc0dc4e17c9

Request headers

:method: GET
:authority: ads.adpone.com
:scheme: https
:path: /index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-type: text/html
x-amz-id-2: a1eUJ2/mz4cmHXxZJDK8fsP8sJwk4cswtwx5y0FO8SLfjxGA1qam3LSV3idr0IBRwgmefAixvdk=
x-amz-request-id: 7KJNKYMGYDF5C4YE
last-modified: Tue, 24 Mar 2020 15:22:42 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0a7659afab00004e67821a4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ME0hu3vn55ntU6OYkFqyvWkqbOrJzUwYzN%2Bn6MBhSkmZ8OdmouQ%2BKgakuid%2FyUrWWQqtOXisqx6B34KaZarmSVkoV%2FbsftuISn%2BN0jCbi%2FU1z368OYn%2FU12pUUz0oXbM0Cv0jDjsZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659d922c48254e67-FRA
content-encoding: br

Redirect headers

date: Fri, 04 Jun 2021 02:01:02 GMT
cache-control: max-age=3600
expires: Fri, 04 Jun 2021 03:01:02 GMT
location: https://ads.adpone.com/index.html
cf-request-id: 0a7659af9500004e675735f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CmHtZIv9Pqs3fnBvptYxmBVE2TPQUEHfxSevqfwpEU0gnKEW9yl4SNrJdEB01h7ln%2BOEAPYnawNOfA6ySmAoiGue6I0gqsprImZr74nBjgp8ZPDPH%2FLRBPNOvEuVGEgp58iQGv%2F4uqbTSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 659d922c2ff14e67-FRA

GET
H2 200 load-cookie.html Show response
user-sync.adxpremium.services/ Frame B526 8 KB
3 KB 35ms
25ms Document
text/html 2606:4700:e6::ac40:c219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876

Request headers

:method: GET
:authority: user-sync.adxpremium.services
:scheme: https
:path: /load-cookie.html?gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
last-modified: Fri, 26 Feb 2021 09:17:16 GMT
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
cf-request-id: 0a7659af960000dfd3af2a8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3JU7iYsSropKK9etib%2BvaY%2Bda%2FYn9UGpx6Yx1oqabWWurDUaWFiYQoedFoouGN0EoluEY78MOdsUF1mFcgDKzHA2u2J7kf9Bj0JR7WV7d0I%2FgLiRgFlCJo7yCKJt5lyoll0gCDobsD8tnmqS5KGEI4Hefbtjmjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659d922c2ddadfd3-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4E61 52 KB
17 KB 121ms
51ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GU$q)_I4!@wnf-Te9(>wL5L!!'<l$[+Qb; uuid2=655791726943216767; icu=ChgIuKdzEAoYAiACKAIw3ZLmhQY4AkACSAIQ3ZLmhQYYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 05 Jun 2021 02:01:04 GMT
Date: Fri, 04 Jun 2021 02:01:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C9C6 281 B
554 B 102ms
34ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KPHOL4K3-6-43Q0; audit=1|i2LGsMLRd+CKTgL+xgTavtpPex04LS5tW6YwxxuVNQDPHaQ0M+WGolbpy0mGAXSuKP0ImOFzBnFCqQ3+tQhlLHMDvubSxZCGZ+mZHK3G62/Ik/Pf2oPXod1ZF9szPzrl0A+VO7RH1E0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Jun 2021 02:01:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=536177cc-28b9-47af-b08e-8f615acda350&_origin=1&gdpr=1&gdpr_consent=

0
234 B

37ms
36ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=536177cc-28b9-47af-b08e-8f615acda350&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=536177cc-28b9-47af-b08e-8f615acda350&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb6a52bbd-c4d8-11eb-8cdb-02770eac6a52
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPb6a52bbd-c4d8-11eb-8cdb-02770eac6a52&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBiNmE1MmJiZC1jNGQ4LTExZWItOGNkYi0wMjc3MGVhYzZhNTI%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEOYFd5fnzdMxVhUkRjyho_o&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEOYFd5fnzdMxVhUkRjyho_o&google_cver=1&apid=UPb6a52bbd-c4d8-11eb-8cdb-02770eac6a52

0
1 KB

35ms
35ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEOYFd5fnzdMxVhUkRjyho_o&google_cver=1&apid=UPb6a52bbd-c4d8-11eb-8cdb-02770eac6a52

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEOYFd5fnzdMxVhUkRjyho_o&google_cver=1&apid=UPb6a52bbd-c4d8-11eb-8cdb-02770eac6a52
date: Fri, 04 Jun 2021 02:01:02 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

m7y5t93k
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...

85 B
165 B

29ms
29ms

Image
image/png

151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YLmJXgABUDA36gBg
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 147
x-served-by: cache-fra19144-FRA
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1622772063.566852,VS0,VE0
content-length: 85
x-cache-hits: 163

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1622772062.429383,VS0,VE92
x-served-by: cache-fra19144-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YLmJXgABUDA36gBg
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

POST
H2 200 cookie_sync Show response
user-sync.adxpremium.services/ Frame B526 2 KB
858 B 319ms
17ms XHR
application/json 2606:4700:e6::ac40:c219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync.adxpremium.services/cookie_sync
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d

Request headers

Referer: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a7659b0eb0000dfd38c8fa000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ek%2BOuhuYcdVRduTW72YN%2BmT2%2B8TZd3s4JkT9YBHuoyl5h9%2BShmE%2FY1ESqP%2Fzh%2B54pGHnXebW9eX9SOugrjJiCqBGlpxI3klmSnB6M%2B91k2XYSevGoeO34JRk2Rp0YIxKZrrrKQRS%2BkzoeM0nVYpKr2%2FbiCBm2NY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://user-sync.adxpremium.services
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 659d922e4fdedfd3-FRA
expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C9C6 31 KB
9 KB 36ms
35ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9869
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9301
Expires: Fri, 04 Jun 2021 04:45:31 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4E61 0
751 B 34ms
34ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:02 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid: 0676503f-f955-46c5-bba0-121d2494fb6a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8CE8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fd6260b9-895d-4c00-b58f-aab0a8711566

43 B
180 B

47ms
46ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fd6260b9-895d-4c00-b58f-aab0a8711566
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 04 Jun 2021 02:00:54 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fd6260b9-895d-4c00-b58f-aab0a8711566
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 02:00:53 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8CE8
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=aLJKXGa7HQBzthAHP7EFVWyzGlBztx4Babse4WZC

43 B
106 B

48ms
46ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=aLJKXGa7HQBzthAHP7EFVWyzGlBztx4Babse4WZC
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=aLJKXGa7HQBzthAHP7EFVWyzGlBztx4Babse4WZC
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 8CE8
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6354053604714367167

43 B
106 B

46ms
46ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6354053604714367167
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6354053604714367167
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 8CE8 70 B
264 B 55ms
53ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=dcc27269-d0a0-742e-c373-aa0125dea4bd&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 8CE8 170 B
188 B 102ms
52ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjBhZGExYTMtMTlkNy0yYThhLWQ2OTMtZjBiOGVmM2M2YWRk

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8CE8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELvaM725qPFjTGWTCrhdJe0&google_cver=1

43 B
106 B

47ms
47ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELvaM725qPFjTGWTCrhdJe0&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELvaM725qPFjTGWTCrhdJe0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 45ms
44ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772062293

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:02 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.84:80
AN-X-Request-Uuid: bd41c389-8e40-452a-883d-57625981b132
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 43ms
43ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772062294

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:02 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.147:80
AN-X-Request-Uuid: ef294cf1-606f-48ee-a24f-dd259b4df39e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772062295&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 92ms
92ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98a986209246c743d834a74adfead2d99ac784c668fc698baf7a435f45a9bf00

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 83ms
82ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0933d1110d994d65b6d6190f9f9db8752fd254008e0bfa453aea02f035811af4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 44ms
44ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
X-SpotX-Timing-Transform: 0.000649
X-SpotX-Timing-SpotMarket: 0.004335
X-SpotX-Timing-Page-Mux: 0.001219
X-SpotX-Timing-Page-Require: 0.000282
X-fe: 043
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
X-SpotX-Timing-Page: 0.010067
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000269
Last-Modified: Fri, 04 Jun 2021 02:01:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004335
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003278
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
538 B 107ms
107ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWM0NzIzN2Q4LTdkNTMtNGM5MS05Yzc4LWE0ODU2ZWFmZWZiOQ%3D%3D&pt=net&stid=bded7386-11fd-4e10-929d-b38ec425a2d1&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 41ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
X-SpotX-Timing-Transform: 0.000305
X-SpotX-Timing-SpotMarket: 0.004350
X-SpotX-Timing-Page-Mux: 0.000859
X-SpotX-Timing-Page-Require: 0.000374
X-fe: 045
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
X-SpotX-Timing-Page: 0.009488
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000406
Last-Modified: Fri, 04 Jun 2021 02:01:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004350
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003158
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 65ms
65ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 62ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C9C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHLTVtA79_AIztRnIogFahs&google_cver=1

42 B
720 B

383ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHLTVtA79_AIztRnIogFahs&google_cver=1
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHLTVtA79_AIztRnIogFahs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C9C6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YLmJXgABiB9EuQA4
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLmJXgABiB9EuQA4&_test=YLmJXgABiB9EuQA4

42 B
720 B

225ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLmJXgABiB9EuQA4&_test=YLmJXgABiB9EuQA4
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622772063.567782,VS0,VE0
x-served-by: cache-fra19144-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YLmJXgABiB9EuQA4&_test=YLmJXgABiB9EuQA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C9C6
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BIT0w0SzMtNi00M1Ew

170 B
188 B

53ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BIT0w0SzMtNi00M1Ew

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BIT0w0SzMtNi00M1Ew
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C9C6
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ0NmI2ZTg3NTZkYTI0ZGRhYmE3ZGQ1OTg3NTJkMjJkMzUxOTE2Mg

170 B
188 B

52ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ0NmI2ZTg3NTZkYTI0ZGRhYmE3ZGQ1OTg3NTJkMjJkMzUxOTE2Mg

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ0NmI2ZTg3NTZkYTI0ZGRhYmE3ZGQ1OTg3NTJkMjJkMzUxOTE2Mg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C9C6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=fd6260b9-895d-4c00-b58f-aab0a8711566

42 B
720 B

360ms
33ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=fd6260b9-895d-4c00-b58f-aab0a8711566
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Date: Fri, 04 Jun 2021 02:00:54 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=fd6260b9-895d-4c00-b58f-aab0a8711566
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 02:00:53 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C9C6 70 B
264 B 54ms
53ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame C9C6
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPHOL4K3-6-43Q0&sigv=1&esig=2~d0443d8fdd20c8c65efdf365fc5c77e056717109

0
443 B

20ms
6ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPHOL4K3-6-43Q0&sigv=1&esig=2~d0443d8fdd20c8c65efdf365fc5c77e056717109

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPHOL4K3-6-43Q0&sigv=1&esig=2~d0443d8fdd20c8c65efdf365fc5c77e056717109
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C9C6
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/uNChqr26sj_zrHocf3TE_g?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8982968478341327657

42 B
720 B

124ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8982968478341327657
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Fri, 04 Jun 2021 02:01:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8982968478341327657
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772062414&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C757 338 KB
116 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:02 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame ECF6 338 KB
116 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:02 GMT

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame CF6E 1 KB
1 KB 290ms
138ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=601760
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://user-sync.adxpremium.services/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

Server: VertaMedia 1.0
Date: Fri, 04 Jun 2021 02:01:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 736
Access-Control-Allow-Origin: https://user-sync.adxpremium.services
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FB7B 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101082
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C757 44 KB
16 KB 55ms
28ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:02 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C757 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BF17 575 KB
188 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101082
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame ECF6 44 KB
16 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:02 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame ECF6 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3266 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 382
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1F0E 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 382
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FB7B 156 B
142 B 253ms
253ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3872216155669012&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4275458296&sdk_apis=2%2C8&sid=8A7DC169-94EB-411D-9659-EBB6114DEA85&eid=40819805%2C44725355&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772062687&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=4067474670601923&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BF17 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF17 0
20 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.463.0&id=ima_html5&c=3580909886419560&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF17 0
20 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.463.0&e=44730896&id=ima_html5&c=3580909886419560&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF17 0
20 B 28ms
27ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.13271740015760858&time=1622772062696&lid=43&sdkv=h.3.463.0&e=44730896&id=ima_html5&c=3580909886419560&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame BF17 156 B
142 B 198ms
197ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4051764192777630&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2317486991&sdk_apis=2%2C8&sid=BADDF153-6991-46D2-A26B-820DE6CABCDC&eid=44730896&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772062703&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=1209702008810936&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF17 0
20 B 27ms
26ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1622772062702&timeout=f&logid=0.13271740015760858&timediff=6&lid=43&sdkv=h.3.463.0&e=44730896&id=ima_html5&c=3580909886419560&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF17 0
20 B 28ms
27ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.463.0&e=44730896&id=ima_html5&c=3580909886419560&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF17 0
20 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?catu=f&cookiesen=t&doesgdpr=f&gdprapp&gdprcmpapp&gdprload=t&idlsena=f&rt=xfp&storallow=t&tcstr&hpadid=f&hpaid=f&hpatt=f&hpcke=f&hpckvalue=f&hpgapp1=f&hpidtype=f&hpilat=f&hprdid=f&lid=137&sdkv=h.3.463.0&e=44730896&id=ima_html5&c=3580909886419560&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame CF6E
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e51cfda6-693f-47c7-a8ff-6a14a4856630

86 B
547 B

787ms
397ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e51cfda6-693f-47c7-a8ff-6a14a4856630
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:01 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=e51cfda6-693f-47c7-a8ff-6a14a4856630
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: o9pnkug60t4qnp7pr7j9kr5oevt3mdu1

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame CF6E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=655791726943216767

86 B
529 B

826ms
397ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=655791726943216767
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:02 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid: 9d90db0a-7bc9-4e44-9f3a-f13456d653b0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=655791726943216767
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
rtb.adxpremium.services/ Frame CF6E
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadtelligent%26uid%3D%7Buid%7D
https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=b6ab8613e6a1ac10

0
619 B

319ms
17ms

Image
text/plain

2606:4700:e6::ac40:c219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=b6ab8613e6a1ac10
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=601760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:03 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vhTpHqJ5nas1%2BnN3u4YqIQHTX22cmwBKKEP0ts9vemqNKEQXjC%2BKpquiRr74l9ufehKYQ6Dj6VGCspC1t5yxftVEGX5drN5F7GLYzlUpwEY9Ksw8sDLzckPSv%2Fpu16ZvIxTndLXyr73LnxyOxJ3YZ0c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 659d92356defdfd3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0a7659b5660000dfd3728e1000000001
expires: 0

Redirect headers

Location: https://rtb.adxpremium.services/setuid?bidder=adtelligent&uid=b6ab8613e6a1ac10
Date: Fri, 04 Jun 2021 02:01:02 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
41ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772062949

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:02 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid: c8138a28-5161-450e-af76-2125fb165675
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 46ms
45ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772062949

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:02 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid: cc2d08e8-84fd-4265-a243-59e8a8489462
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772062950&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 62ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 94ms
94ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e4c2942ec5aff9cfe2554a28ed1d06c7848cdcb5332a1d0b1c1bbf1172ec6c83

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 45ms
45ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
X-SpotX-Timing-Transform: 0.000430
X-SpotX-Timing-SpotMarket: 0.004625
X-SpotX-Timing-Page-Mux: 0.002057
X-SpotX-Timing-Page-Require: 0.000400
X-fe: 015
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.010902
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000350
Last-Modified: Fri, 04 Jun 2021 02:01:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004625
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003018
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000018
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 94ms
94ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ae9e5f6c587f2beab7dbcb43ea5fb9a3d6f5c406f5aeafe46a3fdd934307a4ad

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
538 B 97ms
97ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWZhOWJlYjNjLTE0YjItNDY4OC1iNDhmLWY0YTFjODg3MmU1MQ%3D%3D&pt=net&stid=b9966498-ce2d-4087-965b-dc30ae028c98&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:03 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 44ms
43ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:02 GMT
X-SpotX-Timing-Transform: 0.000299
X-SpotX-Timing-SpotMarket: 0.004667
X-SpotX-Timing-Page-Mux: 0.000950
X-SpotX-Timing-Page-Require: 0.000326
X-fe: 015
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
X-SpotX-Timing-Page: 0.011275
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000259
Last-Modified: Fri, 04 Jun 2021 02:01:02 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004667
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.004739
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 61ms
61ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772063056&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 358ms
121ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C76E 338 KB
116 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:03 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E7FF 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:03 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8350 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101083
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E7FF 44 KB
16 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:03 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E7FF 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AA23 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101083
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C76E 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:03 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C76E 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D64B 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 383
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C4E1 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 383
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4E61 0
750 B 91ms
91ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:03 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid: e6417244-1c05-43af-9435-825107a8373a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8350 156 B
142 B 196ms
196ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1755786621052697&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4045352411&sdk_apis=2%2C8&sid=7E70D982-ABFE-4FD6-97FB-EB44F9342FE7&eid=44730896&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772063305&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=3075816502929612&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AA23 156 B
142 B 240ms
239ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=377593405869389&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1981209409&sdk_apis=2%2C8&sid=E067569C-FB38-4D39-9C0B-ED443F84C5B9&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772063309&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=2975845039307898&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 43ms
42ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772063555

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:03 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 25466d5e-879c-49a2-b223-4918ac863586
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 40ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772063555

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:03 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid: 4b6e43be-520a-41c5-89e8-83ea47e0e9f1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772063556&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 72ms
71ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 42ms
42ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:03 GMT
X-SpotX-Timing-Transform: 0.000297
X-SpotX-Timing-SpotMarket: 0.004494
X-SpotX-Timing-Page-Mux: 0.001079
X-SpotX-Timing-Page-Require: 0.000354
X-fe: 005
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000030
X-SpotX-Timing-Page: 0.009717
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000300
Last-Modified: Fri, 04 Jun 2021 02:01:03 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004494
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003146
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000016
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 105ms
105ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3632cc8c8b9e1ee351b99cda2c28fd1b81ae8c81985d77ed95edc31bef8963cf

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 42ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:03 GMT
X-SpotX-Timing-Transform: 0.000240
X-SpotX-Timing-SpotMarket: 0.003671
X-SpotX-Timing-Page-Mux: 0.000890
X-SpotX-Timing-Page-Require: 0.000369
X-fe: 139
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.007490
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000318
Last-Modified: Fri, 04 Jun 2021 02:01:03 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003671
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.001988
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
538 B 105ms
105ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTU0MTZhYTczLWY5NWItNDZlNi1hMzI5LTliOGUwNjcxMzlkOQ%3D%3D&pt=net&stid=23942218-3d5c-47c4-8005-d1e2d1cb75c1&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:03 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 64ms
64ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 88ms
87ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f289b1642c507482b511e6d15bff320b297bd7b5170d7ff4b504b6dda59147e1

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772063669&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 5B3F 1 KB
979 B 40ms
23ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0a7659b5d600004de2593a0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659d92362bac4de2-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9229 338 KB
116 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:03 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 50AD 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:03 GMT

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 046E 0
0 21ms
20ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync-eu.connectad.io
:scheme: https
:path: /syncer/1?gdpr_consent=&cb=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cadsync
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.connectad.io/

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a7659b5f700004de2a0960000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659d92365bf24de2-FRA

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4325 8 KB
3 KB 32ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=86744
expires: Sat, 05 Jun 2021 02:06:47 GMT
date: Fri, 04 Jun 2021 02:01:03 GMT
vary: Accept-Encoding

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 857A 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101083
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9229 44 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:03 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9229 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F78E 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101083
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 50AD 44 KB
16 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:03 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 50AD 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4117 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 383
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 995E 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 383
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C7AD 38 KB
14 KB 34ms
34ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159760&predirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=136621
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 02:01:03 GMT
vary: Accept-Encoding

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 857A 156 B
142 B 188ms
188ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1957625385207154&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=301788202&sdk_apis=2%2C8&sid=9A9FF980-E3D2-464A-A29C-0DEBF9B6EFFD&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772063933&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=113938150349859&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F78E 156 B
142 B 204ms
204ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1370047844082168&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=309823704&sdk_apis=2%2C8&sid=75C95609-FEB1-497F-B4AC-9E7DB61AEA59&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772063939&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=3432722162779060&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
rtb.adxpremium.services/ Frame B526
Redirect Chain

https://dmp.rtbsrv.com/dmp/profiles/cm?p_id=298&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dmarsmedia%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BGID%7D
https://ib.adnxs.com/getuid?https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=%24UID&mpk=GgCCIAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RX...
https://dmp.rtbsrv.com/dmp/profiles/cm/ap/getId?gid=655791726943216767&mpk=GgCCIAR3UCRJdkQ3UCNyUCRzUCZpVnNyUCRzUCduV2cu92YfJHckdmNyUSMENTJyBHZnZjMlEWakVWbzJXYtR0MlIXZkRWaiZ0MlQWa1RXZzZkMlMXZjlmdyV2...
https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=655791726943216767

0
715 B

314ms
13ms

Image
text/plain

2606:4700:e6::ac40:c219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=655791726943216767
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://user-sync.adxpremium.services/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2lIVJdYKVTftMV3jXd4D4j44BzXakH2WAY2Hu0TzWGeNzvEl5Ta1RKFa%2BNclU4dq9JYQyuNHQvTf8UBq7MxxSpGr4JzooOMcPwPzE6AzZP%2B2aPebDc5Cx5d9uNmVazrSs2cDnbBS2%2F11swUQML7Pwa8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 659d923b6b9fdfd3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0a7659b9200000dfd361b87000000001
expires: 0

Redirect headers

date: Fri, 04 Jun 2021 02:01:04 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DswVGXlEDqAyj8Da018%2FVl%2FDDnCASMW9ddXWw1we72ccu%2FP4Qb96TaIWf%2B51KVePOdvu0tEPJ%2BlgBXXUA%2BkqVITz%2FoXrYaCRnCaC9sgBlKzjARh2GPjT9ETQFzXy5jtCoJski1H6I4k%3D"}],"group":"cf-nel","max_age":604800}
location: https://rtb.adxpremium.services/setuid?bidder=marsmedia&gdpr=1&gdpr_consent=&uid=655791726943216767
cf-ray: 659d9238d93a178e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0a7659b7890000178ed995f000000001

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 45ms
45ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772064150

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:04 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.42:80
AN-X-Request-Uuid: 61126e8f-cfe2-4c5c-8aec-f64157b616e7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772064150

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:04 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.45:80
AN-X-Request-Uuid: 55c7f6e9-2f80-471f-b028-2d114a3de748
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772064150&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
538 B 102ms
102ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTUxZjE5NzdlLTBiNWEtNDJjZi05ZmM5LTFiMzViZmNjODk1Zg%3D%3D&pt=net&stid=678b8e17-b5eb-4a38-8e25-4e4ee966f07f&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 81ms
81ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5303ddad0cd0c909de5b2781a7a62d221ddb3db9aaac191eaefa3aa2c05010e2

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 42ms
42ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:04 GMT
X-SpotX-Timing-Transform: 0.000293
X-SpotX-Timing-SpotMarket: 0.003857
X-SpotX-Timing-Page-Mux: 0.000751
X-SpotX-Timing-Page-Require: 0.000279
X-fe: 141
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.007667
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000336
Last-Modified: Fri, 04 Jun 2021 02:01:04 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003857
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002132
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 41ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:04 GMT
X-SpotX-Timing-Transform: 0.000487
X-SpotX-Timing-SpotMarket: 0.004473
X-SpotX-Timing-Page-Mux: 0.001112
X-SpotX-Timing-Page-Require: 0.000316
X-fe: 126
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000019
X-SpotX-Timing-Page: 0.009184
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000264
Last-Modified: Fri, 04 Jun 2021 02:01:04 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004473
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002502
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 62ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
387 B 109ms
108ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 05cc1aa08b9e7e07d3a98acd57698be692fc80cf208fae141b4f337675e12c8b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 64ms
64ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772064268&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3B86 338 KB
116 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118262
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:04 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 494E 338 KB
116 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:04 GMT

GET
H3-29 200 bridge3.464.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BA6C 575 KB
188 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9d5e09558279565ec0682c25b6e19e7ba308333de0d5f4b50ca21e8dc6ce83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.464.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192661
date: Thu, 03 Jun 2021 23:33:18 GMT
expires: Fri, 03 Jun 2022 23:33:18 GMT
last-modified: Thu, 03 Jun 2021 23:26:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3B86 44 KB
16 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:04 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3B86 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 86F8 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101084
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 494E 44 KB
16 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:04 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 494E 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 609B 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 384
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3DD7 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 384
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame BA6C 156 B
142 B 198ms
198ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4481195884160358&sdkv=h.3.464.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3308733228&sdk_apis=2%2C8&sid=62DFAA5D-EE96-4F97-B845-E61BC51DBE16&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772064587&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=930960250441639&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.464.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 8EBD
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_...
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26...

3 KB
1 KB

41ms
41ms

Document
text/html

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: user-sync.adxpremium.services
URL: https://user-sync.adxpremium.services/load-cookie.html?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 4c97bb1b8d9a289797ea829fb051f61eec75c51791a470920ef8cc40f0c6246b

Request headers

:method: GET
:authority: ads.us.e-planning.net
:scheme: https
:path: /uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://user-sync.adxpremium.services/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: CT=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://user-sync.adxpremium.services/

Response headers

server: openresty
date: Fri, 04 Jun 2021 02:01:04 GMT
content-type: text/html
cache-control: max-age=0, no-cache
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie: E=AOkPQCHuLJHhD3UL; path=/; domain=e-planning.net; expires=Fri, 02-Jun-2028 02:01:04 GMT; SameSite=None; Secure
expires: Fri, 04 Jun 2021 02:01:04 GMT
x-sid: AMS-746
content-encoding: gzip

Redirect headers

server: openresty
date: Fri, 04 Jun 2021 02:01:04 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: CT=1; path=/; SameSite=None; Secure
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
x-sid: AMS-746

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 86F8 156 B
142 B 180ms
180ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=247620204481996&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2466647103&sdk_apis=2%2C8&sid=BABA9EE4-DC53-4932-A470-8CFD4DFE9CF2&eid=44741233&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772064598&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=4275901536924254&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame 8EBD
Redirect Chain

https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4654c36c83c62387
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4654c36c83c62387

42 B
103 B

43ms
38ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4654c36c83c62387
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=4654c36c83c62387
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET eplanning
sync.1rx.io/usersync2/ Frame 8EBD 0
0

GET
H2 200 dataxpand_28122020.js Show response
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 8EBD 39 KB
14 KB 132ms
51ms Script
application/x-javascript 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
last-modified: Mon, 28 Dec 2020 16:45:03 GMT
server: openresty
etag: W/"5fea0b8f-9a72"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Wed, 03 Jun 2026 02:01:04 GMT

GET
H2 200 tm60118.js Show response
tag.navdmp.com/ Frame 8EBD 12 KB
4 KB 37ms
14ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm60118.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3201
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 0a7659ba01000063d1041f6000000001
last-modified: Wed, 18 Nov 2020 16:32:07 GMT
server: cloudflare
etag: W/"5fb54c87-2ef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 659d923ccc0e63d1-FRA
expires: Fri, 04 Jun 2021 02:07:43 GMT

GET
H2 200 retargetly_030920.js Show response
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 8EBD 2 KB
1 KB 132ms
52ms Script
application/x-javascript 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 18:45:03 GMT
server: openresty
etag: W/"5f5139af-857"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Wed, 03 Jun 2026 02:01:04 GMT

GET
H2

200

um
u-ams02.e-planning.net/ Frame 8EBD
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4654c36c83c62387%26uid%3D%24%7BUID%7D
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4654c36c83c62387&uid=e51cfda6-693f-47c7-a8ff-6a14a4856630

42 B
103 B

134ms
37ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4654c36c83c62387&uid=e51cfda6-693f-47c7-a8ff-6a14a4856630
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
server: openresty
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:03 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4654c36c83c62387&uid=e51cfda6-693f-47c7-a8ff-6a14a4856630
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ru2hao0f6bc7v2uauagrd8his01kq2jl

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame 8EBD 5 KB
2 KB 475ms
119ms Script
text/plain 34.193.191.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fa3daf367a655a3b1c520dc6248a72aa43f06eba40a533ae53abd3127207b99a

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:05 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1683

GET
H2 200 lotame.js Show response
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 8EBD 266 B
415 B 132ms
52ms Script
application/x-javascript 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
last-modified: Thu, 19 Nov 2020 16:18:03 GMT
server: openresty
etag: W/"5fb69abb-10a"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Wed, 03 Jun 2026 02:01:04 GMT

GET
H2 204 current
prebid-match.dotomi.com/match/bounce/ Frame 8EBD 0
104 B 119ms
65ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4654c36c83c62387%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 8EBD
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D4654c36c83c62387
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F

95 B
222 B

35ms
35ms

Image
image/png

168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

Redirect headers

location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date: Fri, 04 Jun 2021 02:01:04 GMT
server: nginx/1.10.3
content-type: text/html; charset=UTF-8

GET
H2

200

um
u-ams02.e-planning.net/ Frame 8EBD
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4654c36c83c62387%26uid%3D%24UID
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4654c36c83c62387&uid=655791726943216767

42 B
103 B

111ms
37ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4654c36c83c62387&uid=655791726943216767
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:04 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid: b63cfb90-7ba0-4f80-b12e-b87168d5edee
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=4654c36c83c62387&uid=655791726943216767
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 8EBD 0
474 B 106ms
35ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4654c36c83c62387%26uid%3D%5BUID%5D

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:04 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.e-planning.net/ Frame 8EBD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58414/occ
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-GMHYAb9E2uFIl05DiWKmHSf2.r5SKHZfxIcsEyc-~A

42 B
103 B

110ms
36ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-GMHYAb9E2uFIl05DiWKmHSf2.r5SKHZfxIcsEyc-~A
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
server: openresty
content-type: image/gif

Redirect headers

Date: Fri, 04 Jun 2021 02:01:05 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-GMHYAb9E2uFIl05DiWKmHSf2.r5SKHZfxIcsEyc-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

um
u-ams02.e-planning.net/ Frame 8EBD
Redirect Chain

https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D4654c36c83c62387%26uid%3D%7B%24UID%7D
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4654c36c83c62387&uid=9a4adf7533dc217de2293d5fb76b49e49337c1c7

42 B
103 B

36ms
36ms

Image
image/gif

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4654c36c83c62387&uid=9a4adf7533dc217de2293d5fb76b49e49337c1c7
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:08 GMT
server: openresty
content-type: image/gif

Redirect headers

Location: https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=4654c36c83c62387&uid=9a4adf7533dc217de2293d5fb76b49e49337c1c7
Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 test_dmp.html Show response
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame 8EBD 0
0 133ms
53ms Script
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E6A7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

281 B
554 B

34ms
33ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: pux=1512%3D100131%262249%3D100131%262307%3D100131%262974%3D100131%263778%3D100131%26goog%3D100131%262249-DV360-Hosted%3D100131%26brx%3D100131%26; khaos=KPHOL4K3-6-43Q0; audit=1|i2LGsMLRd+CKTgL+xgTavtpPex04LS5tW6YwxxuVNQDPHaQ0M+WGolbpy0mGAXSuYgU+80BsubtCqQ3+tQhlLHMDvubSxZCGZ+mZHK3G62/Ik/Pf2oPXod1ZF9szPzrl0A+VO7RH1E0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Jun 2021 02:01:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date: Fri, 04 Jun 2021 02:01:04 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B801 8 KB
3 KB 32ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4654c36c83c62387%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4654c36c83c62387%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=86743
expires: Sat, 05 Jun 2021 02:06:47 GMT
date: Fri, 04 Jun 2021 02:01:04 GMT
vary: Accept-Encoding

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 120ms
120ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6DB6 38 KB
14 KB 34ms
34ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4654c36c83c62387%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4654c36c83c62387%26uid%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4654c36c83c62387%26uid%3D

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=136620
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 02:01:04 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772064804

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:04 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid: b4e36c4c-d91c-4902-aa23-70b7b993dba5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 63ms
43ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772064804

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:04 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: 0de52eae-dc38-4e65-a254-41db2b3a30c8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772064805&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 63ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 86ms
86ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac528d24c6c9f20c4c653a289c3225e472aca25d952913ddd8c0464c4c1ce0e8

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 45ms
44ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:04 GMT
X-SpotX-Timing-Transform: 0.000304
X-SpotX-Timing-SpotMarket: 0.004635
X-SpotX-Timing-Page-Mux: 0.000930
X-SpotX-Timing-Page-Require: 0.000301
X-fe: 085
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000018
X-SpotX-Timing-Page: 0.010474
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000262
Last-Modified: Fri, 04 Jun 2021 02:01:04 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004635
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.004012
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 85ms
84ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9f3764506bba3aa1730a202fe7194468bab3dd7c15dbd5ea1ad09e0f7e146cf0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
40ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:04 GMT
X-SpotX-Timing-Transform: 0.000256
X-SpotX-Timing-SpotMarket: 0.004420
X-SpotX-Timing-Page-Mux: 0.000829
X-SpotX-Timing-Page-Require: 0.000362
X-fe: 104
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008443
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000393
Last-Modified: Fri, 04 Jun 2021 02:01:04 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004420
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002169
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 67ms
67ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
538 B 106ms
106ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWU3ODhlMzdkLTI2YmUtNGY3Mi1iZjBkLWE0ZGQ0YjYxNTFlOQ%3D%3D&pt=net&stid=3df89e95-91a8-4ce0-bee5-c4e5b5825320&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6DB6 5 KB
6 KB 31ms
31ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68639726&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e10faa505799b7d62e8257fb54d8ed8beeb9faf7e80ede0c0ff88f3f326c9d2b

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 126F 35 B
468 B 38ms
38ms Document
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=9791364A-5D70-4DE7-99E3-E3BC5164F339

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=9791364A-5D70-4DE7-99E3-E3BC5164F339
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=6354053604714367167
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:04 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=6354053604714367167; expires=Tue, 03 Aug 2021 02:01:04 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F487
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3462424979472878295

42 B
210 B

40ms
39ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3462424979472878295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3462424979472878295
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=9791364A-5D70-4DE7-99E3-E3BC5164F339; KRTBCOOKIE_218=22978-YLmJXgABiB9EuQA4&KRTB&23194-YLmJXgABiB9EuQA4&KRTB&23209-YLmJXgABiB9EuQA4&KRTB&23244-YLmJXgABiB9EuQA4; PUBMDCID=3; KRTBCOOKIE_391=22924-6354053604714367167&KRTB&23263-6354053604714367167; KRTBCOOKIE_22=14911-9088721734973394273; KRTBCOOKIE_27=16735-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&16736-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23019-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23114-uid:fd6260b9-895d-4c00-b58f-aab0a8711566; KRTBCOOKIE_377=6810-536177cc-28b9-47af-b08e-8f615acda350&KRTB&22918-536177cc-28b9-47af-b08e-8f615acda350&KRTB&23031-536177cc-28b9-47af-b08e-8f615acda350; chkChromeAb67Sec=2; DPSync3=1623974400%3A197_219_201_221_226_227_232%7C1622851200%3A174; SyncRTB3=1627948800%3A69%7C1624060800%3A35%7C1623628800%3A63%7C1623974400%3A81_231_78_176_7_161_104_234_21_71_233_165_189_88_54_5_204_13_22_220_166_230_8_55_3_57_99_222_56%7C1625356800%3A203%7C1623369600%3A67_15_2_223; KRTBCOOKIE_57=22776-655791726943216767; PugT=1622772065; KRTBCOOKIE_80=22987-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&16514-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&23025-CAESEEAgunsZe1UStbZDbewe4WU; KRTBCOOKIE_153=19420-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ&KRTB&22979-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:06 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-3462424979472878295; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:06 GMT; path=/ PugT=1622772066; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:06 GMT; path=/
x-lat: lhrpug012:0:476
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3462424979472878295
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame DC49 43 B
304 B 1121ms
38ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 04 Jun 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1042
date: Fri, 04 Jun 2021 02:01:05 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4FF0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969752960922417300

42 B
365 B

32ms
32ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969752960922417300
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969752960922417300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=9791364A-5D70-4DE7-99E3-E3BC5164F339; KRTBCOOKIE_218=22978-YLmJXgABiB9EuQA4&KRTB&23194-YLmJXgABiB9EuQA4&KRTB&23209-YLmJXgABiB9EuQA4&KRTB&23244-YLmJXgABiB9EuQA4; PUBMDCID=3; KRTBCOOKIE_391=22924-6354053604714367167&KRTB&23263-6354053604714367167; KRTBCOOKIE_22=14911-9088721734973394273; KRTBCOOKIE_27=16735-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&16736-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23019-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23114-uid:fd6260b9-895d-4c00-b58f-aab0a8711566; KRTBCOOKIE_377=6810-536177cc-28b9-47af-b08e-8f615acda350&KRTB&22918-536177cc-28b9-47af-b08e-8f615acda350&KRTB&23031-536177cc-28b9-47af-b08e-8f615acda350; SyncRTB3=1627948800%3A69%7C1624060800%3A35%7C1623628800%3A63%7C1623974400%3A81_231_78_176_7_161_104_234_21_71_233_165_189_88_54_5_204_13_22_220_166_230_8_55_3_57_99_222_56%7C1625356800%3A203%7C1623369600%3A67_15_2_223; KRTBCOOKIE_57=22776-655791726943216767; KRTBCOOKIE_80=22987-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&16514-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&23025-CAESEEAgunsZe1UStbZDbewe4WU; KRTBCOOKIE_153=19420-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ&KRTB&22979-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ; KRTBCOOKIE_188=3189-no-consent; PugT=1622772066; KRTBCOOKIE_336=5844-3462424979472878295; chkChromeAb67Sec=3; DPSync3=1622851200%3A174%7C1623974400%3A201_226_197_219_232_235_221_227; SPugT=1622772066
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:07 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6969752960922417300; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:07 GMT; path=/ PugT=1622772067; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:07 GMT; path=/
x-lat: amspug013:0:376
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 04 Jun 2021 02:01:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6969752960922417300; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969752960922417300

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 30E4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWUJFN0JjeE1BQURMWmxMLWxrUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADYBE7BcxMAADLZlL-lkQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

125ms
40ms

Document
image/gif

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADYBE7BcxMAADLZlL-lkQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host: rtb-csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Fri, 04 Jun 2021 02:01:06 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADYBE7BcxMAADLZlL-lkQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8CBD
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
88 B

32ms
32ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=9791364A-5D70-4DE7-99E3-E3BC5164F339; KRTBCOOKIE_218=22978-YLmJXgABiB9EuQA4&KRTB&23194-YLmJXgABiB9EuQA4&KRTB&23209-YLmJXgABiB9EuQA4&KRTB&23244-YLmJXgABiB9EuQA4; PUBMDCID=3; KRTBCOOKIE_391=22924-6354053604714367167&KRTB&23263-6354053604714367167; KRTBCOOKIE_22=14911-9088721734973394273; KRTBCOOKIE_27=16735-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&16736-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23019-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23114-uid:fd6260b9-895d-4c00-b58f-aab0a8711566; KRTBCOOKIE_377=6810-536177cc-28b9-47af-b08e-8f615acda350&KRTB&22918-536177cc-28b9-47af-b08e-8f615acda350&KRTB&23031-536177cc-28b9-47af-b08e-8f615acda350; SyncRTB3=1627948800%3A69%7C1624060800%3A35%7C1623628800%3A63%7C1623974400%3A81_231_78_176_7_161_104_234_21_71_233_165_189_88_54_5_204_13_22_220_166_230_8_55_3_57_99_222_56%7C1625356800%3A203%7C1623369600%3A67_15_2_223; KRTBCOOKIE_57=22776-655791726943216767; KRTBCOOKIE_80=22987-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&16514-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&23025-CAESEEAgunsZe1UStbZDbewe4WU; KRTBCOOKIE_153=19420-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ&KRTB&22979-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_336=5844-3462424979472878295; chkChromeAb67Sec=3; DPSync3=1622851200%3A174%7C1623974400%3A201_226_197_219_232_235_221_227; SPugT=1622772066; KRTBCOOKIE_1101=23040-6969752960922417300; PugT=1622772067
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:06 GMT
content-type: text/html; charset=utf-8
x-lat: amspug012:2:256
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=c112ccef-b641-446c-9836-3e113f2f9c3d; path=/; domain=csync.loopme.me; Expires=Sun, 04-Jul-2021 02:01:08 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Fri, 04 Jun 2021 02:01:08 GMT
server: _

GET pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame 6BB6 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 88F3
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5tptP9nfwUmcIAMEmkALW6v5

42 B
371 B

40ms
40ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5tptP9nfwUmcIAMEmkALW6v5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5tptP9nfwUmcIAMEmkALW6v5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=9791364A-5D70-4DE7-99E3-E3BC5164F339; KRTBCOOKIE_218=22978-YLmJXgABiB9EuQA4&KRTB&23194-YLmJXgABiB9EuQA4&KRTB&23209-YLmJXgABiB9EuQA4&KRTB&23244-YLmJXgABiB9EuQA4; PUBMDCID=3; KRTBCOOKIE_391=22924-6354053604714367167&KRTB&23263-6354053604714367167; KRTBCOOKIE_22=14911-9088721734973394273; KRTBCOOKIE_27=16735-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&16736-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23019-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23114-uid:fd6260b9-895d-4c00-b58f-aab0a8711566; KRTBCOOKIE_377=6810-536177cc-28b9-47af-b08e-8f615acda350&KRTB&22918-536177cc-28b9-47af-b08e-8f615acda350&KRTB&23031-536177cc-28b9-47af-b08e-8f615acda350; SyncRTB3=1627948800%3A69%7C1624060800%3A35%7C1623628800%3A63%7C1623974400%3A81_231_78_176_7_161_104_234_21_71_233_165_189_88_54_5_204_13_22_220_166_230_8_55_3_57_99_222_56%7C1625356800%3A203%7C1623369600%3A67_15_2_223; KRTBCOOKIE_57=22776-655791726943216767; KRTBCOOKIE_80=22987-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&16514-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&23025-CAESEEAgunsZe1UStbZDbewe4WU; KRTBCOOKIE_153=19420-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ&KRTB&22979-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_336=5844-3462424979472878295; chkChromeAb67Sec=3; DPSync3=1622851200%3A174%7C1623974400%3A201_226_197_219_232_235_221_227; SPugT=1622772066; KRTBCOOKIE_1101=23040-6969752960922417300; PugT=1622772067
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:08 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-5tptP9nfwUmcIAMEmkALW6v5; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:08 GMT; path=/ PugT=1622772068; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:08 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:08 GMT; path=/
x-lat: lhrpug012:0:492
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Fri, 04 Jun 2021 02:01:08 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=5tptP9nfwUmcIAMEmkALW6v5; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=5tptP9nfwUmcIAMEmkALW6v5
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame C835 42 B
1009 B 35ms
17ms Document
image/gif 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a7659ba8300004ed9d7383000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659d923d9ceb4ed9-FRA

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 6127 43 B
408 B 3873ms
36ms Document
image/gif 72.251.241.204
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Fri, 04 Jun 2021 02:01:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-6
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame DAA1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
446 B

180ms
176ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aBnoeUqZbaOT6iPqcgTEx9gQHvLRWyHZdtfwLL6qVy
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aTnsIHNj6WkCyhURALhLNiEbb3wSVThBsOADh7JU5k48FDTWRRmGnLCyX6R1fHdJVdIZc0V3a3WhK3igsyAfqZdUuc; path=/; domain=.tribalfusion.com; expires=Thu, 02-Sep-2021 02:01:05 GMT; SameSite=None; Secure; ANON_ID_old=aTnsIHNj6WkCyhURALhLNiEbb3wSVThBsOADh7JU5k48FDTWRRmGnLCyX6R1fHdJVdIZc0V3a3WhK3igsyAfqZdUuc; path=/; domain=.tribalfusion.com; expires=Thu, 02-Sep-2021 02:01:05 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0a7659bb350000bf19bb834000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659d923ebb0abf19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 333
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aBnoeUqZbaOT6iPqcgTEx9gQHvLRWyHZdtfwLL6qVy; path=/; domain=.tribalfusion.com; expires=Thu, 02-Sep-2021 02:01:04 GMT; SameSite=None; Secure; ANON_ID_old=aBnoeUqZbaOT6iPqcgTEx9gQHvLRWyHZdtfwLL6qVy; path=/; domain=.tribalfusion.com; expires=Thu, 02-Sep-2021 02:01:04 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0a7659ba8a0000bf198c1b3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659d923daad6bf19-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3784
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FprGLMAyTnL3&pid=557219

1 B
68 B

32ms
31ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FprGLMAyTnL3&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FprGLMAyTnL3&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=9791364A-5D70-4DE7-99E3-E3BC5164F339; KRTBCOOKIE_218=22978-YLmJXgABiB9EuQA4&KRTB&23194-YLmJXgABiB9EuQA4&KRTB&23209-YLmJXgABiB9EuQA4&KRTB&23244-YLmJXgABiB9EuQA4; PUBMDCID=3; KRTBCOOKIE_391=22924-6354053604714367167&KRTB&23263-6354053604714367167; KRTBCOOKIE_22=14911-9088721734973394273; KRTBCOOKIE_27=16735-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&16736-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23019-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23114-uid:fd6260b9-895d-4c00-b58f-aab0a8711566; KRTBCOOKIE_377=6810-536177cc-28b9-47af-b08e-8f615acda350&KRTB&22918-536177cc-28b9-47af-b08e-8f615acda350&KRTB&23031-536177cc-28b9-47af-b08e-8f615acda350; SyncRTB3=1627948800%3A69%7C1624060800%3A35%7C1623628800%3A63%7C1623974400%3A81_231_78_176_7_161_104_234_21_71_233_165_189_88_54_5_204_13_22_220_166_230_8_55_3_57_99_222_56%7C1625356800%3A203%7C1623369600%3A67_15_2_223; KRTBCOOKIE_57=22776-655791726943216767; KRTBCOOKIE_80=22987-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&16514-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&23025-CAESEEAgunsZe1UStbZDbewe4WU; KRTBCOOKIE_153=19420-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ&KRTB&22979-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_336=5844-3462424979472878295; chkChromeAb67Sec=3; DPSync3=1622851200%3A174%7C1623974400%3A201_226_197_219_232_235_221_227; SPugT=1622772066; KRTBCOOKIE_1101=23040-6969752960922417300; KRTBCOOKIE_409=22966-5tptP9nfwUmcIAMEmkALW6v5; KRTBCOOKIE_466=16530-83dde611-02a5-4b36-a4b1-09a1d2cfc8b0; PugT=1622772066
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:07 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:07 GMT; path=/
x-lat: amspug008:0:393
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-555c8fd69d-snv5b
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=FprGLMAyTnL3&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=aad488428c691c8b; path=/; HttpOnly; Secure; SameSite=None

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 9A32
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7d685cd8-45eb-4822-abf3-e2c583f1e30d-tuct7b30ee2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
52 B

42ms
40ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7d685cd8-45eb-4822-abf3-e2c583f1e30d-tuct7b30ee2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7d685cd8-45eb-4822-abf3-e2c583f1e30d-tuct7b30ee2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=7d685cd8-45eb-4822-abf3-e2c583f1e30d-tuct7b30ee2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Fri, 04 Jun 2021 02:01:06 GMT
via: 1.1 varnish
x-served-by: cache-hhn11552-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1622772067.831500,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=7d685cd8-45eb-4822-abf3-e2c583f1e30d-tuct7b30ee2;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 04-Jun-2022 02:01:06 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=7d685cd8-45eb-4822-abf3-e2c583f1e30d-tuct7b30ee2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Fri, 04 Jun 2021 02:01:06 GMT
via: 1.1 varnish
x-served-by: cache-hhn11552-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1622772067.727935,VS0,VE68
x-vcl-time-ms: 68
content-length: 0

GET
H2 200 um Show response
u-ams02.e-planning.net/ Frame ADCC 42 B
104 B 45ms
37ms Document
image/gif 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=4654c36c83c62387&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: u-ams02.e-planning.net
:scheme: https
:path: /um?dc=a208d9366469aa64&fi=4654c36c83c62387&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=AOkPQCHuLJHhD3UL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: openresty
date: Fri, 04 Jun 2021 02:01:04 GMT
content-type: image/gif

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6DB6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=l5E2Sl1wTeeZ4-O8UWTzOQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

33ms
32ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 06:44:25 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-2080-5c3aeac410031"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=86743
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2586
expires: Sat, 05 Jun 2021 02:06:47 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fd6260b9-895d-4c00-b58f-aab0a8711566

0
128 B

6802ms
32ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fd6260b9-895d-4c00-b58f-aab0a8711566
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 04 Jun 2021 02:00:57 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fd6260b9-895d-4c00-b58f-aab0a8711566
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 02:00:56 GMT

GET
H2

200

/
spl.zeotap.com/ Frame 6DB6
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=9791364A-5D70-4DE7-99E3-E3BC5164F339
https://spl.zeotap.com/?zdid=1332&zcluid=c8786159272a4c1a

95 B
647 B

43ms
42ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1332&zcluid=c8786159272a4c1a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 659d925ca8d5dfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659cdea0000dfbbe7a2a000000001

Redirect headers

location: https://spl.zeotap.com?zdid=1332&zcluid=c8786159272a4c1a
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTc5MTM2NEEtNUQ3MC00REU3LTk5RTMtRTNCQzUxNjRGMzM5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

1086ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:354
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAgunsZe1UStbZDbewe4WU&google_cver=1

42 B
280 B

1086ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAgunsZe1UStbZDbewe4WU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:401
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEAgunsZe1UStbZDbewe4WU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 6DB6 43 B
609 B 6121ms
34ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 03 Jun 2021 02:01:10 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6354053604714367167

42 B
407 B

124ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6354053604714367167
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:412
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6354053604714367167
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fd6260b9-895d-4c00-b58f-aab0a8711566&gdpr=0&gdpr_consent=

42 B
341 B

96ms
32ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fd6260b9-895d-4c00-b58f-aab0a8711566&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:403
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 04 Jun 2021 02:00:57 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:fd6260b9-895d-4c00-b58f-aab0a8711566&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 02:00:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=536177cc-28b9-47af-b08e-8f615acda350

42 B
293 B

116ms
33ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=536177cc-28b9-47af-b08e-8f615acda350
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:473
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=536177cc-28b9-47af-b08e-8f615acda350
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=655791726943216767&gdpr=0&gdpr_consent=

42 B
518 B

1093ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=655791726943216767&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:422
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:04 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid: b69ecc20-4372-4eb2-9d62-a39d9fe44c82
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=655791726943216767&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 9791364A-5D70-4DE7-99E3-E3BC5164F339
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6DB6 43 B
203 B 41ms
35ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/9791364A-5D70-4DE7-99E3-E3BC5164F339?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KEviZoFE2uXc6mJryY1r8ptPfLRDr5M-~A&gdpr=0&gdpr_consent=

0
128 B

6486ms
34ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KEviZoFE2uXc6mJryY1r8ptPfLRDr5M-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 04 Jun 2021 02:01:05 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KEviZoFE2uXc6mJryY1r8ptPfLRDr5M-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ

42 B
269 B

1124ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:560
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=&gdpr_pd=

1 B
335 B

32ms
32ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:06 GMT
cache-control: no-store, no-cache, private
x-lat: amspug020:0:421
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=83dde611-02a5-4b36-a4b1-09a1d2cfc8b0&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 04 Jun 2021 02:01:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLmJXgABiB9EuQA4&gdpr=0&gdpr_consent=

1 B
546 B

130ms
31ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLmJXgABiB9EuQA4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:385
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622772065.909936,VS0,VE0
x-served-by: cache-fra19144-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLmJXgABiB9EuQA4&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9088721734973394273&gdpr=0&gdpr_consent=&us_privacy=

1 B
167 B

122ms
32ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9088721734973394273&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: no-store, no-cache, private
x-lat: amspug007:0:401
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9088721734973394273&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2e890f60-accd-4231-bd07-d9ec617de7c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

32ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2e890f60-accd-4231-bd07-d9ec617de7c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:374
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:2e890f60-accd-4231-bd07-d9ec617de7c2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 04 Jun 2021 02:01:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 6DB6 0
103 B 18ms
11ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
357 B

40ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:06 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:450
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=655791726943216767

42 B
110 B

31ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=655791726943216767
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:281
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:05 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid: b30945e3-909e-4bf4-9cd4-afcc4f304fa9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=655791726943216767
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6DB6
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_f97e89ad-2cec-4f2b-be5d-3ffe71b00806

42 B
397 B

31ms
31ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_f97e89ad-2cec-4f2b-be5d-3ffe71b00806
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:19 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:349
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_f97e89ad-2cec-4f2b-be5d-3ffe71b00806
date: Fri, 04 Jun 2021 02:01:20 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum.casalemedia.com/ Frame 44D2
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1

2 KB
3 KB

43ms
42ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bf316506fb90f67fece74479180127637aceca949be0f49251686e8092df7ac2

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.us.e-planning.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5236; CMPRO=1185; CMST=YLmJYmC5iWIA; CMRUM3=bf60b9896205a0&e660b989622760&f160b9896205a0&2e60b9896205a0&2d60b9896205a0&da60b989622760&2760b989620b40&2f60b9896205a0; CMID=YLmJZNspkxR-NUKkLj.b1QAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 73|130|3|206|45|41|4|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1632
Expires: Fri, 04 Jun 2021 02:01:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:08 GMT
Connection: keep-alive
Set-Cookie: CMID=YLmJZNspkxR-NUKkLj.b1QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 04 Jun 2022 02:01:08 GMT CMPS=5236;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 02:01:08 GMT CMPRO=1185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 02:01:08 GMT CMST=YLmJYmC5iWQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 05 Jun 2021 02:01:08 GMT CMRUM3=ce60b9896405a0&f160b9896205a0&bf60b9896205a0&e660b989622760&2e60b9896205a0&2860b9896405a00&4960b9896405a0&2d60b9896405a0&8260b98964a8c0&da60b989622760&2760b989620b40&0360b9896405a0&2f60b9896205a0&0460b9896405a0&2960b9896405a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 04 Jun 2022 02:01:08 GMT

Redirect headers

Server: Apache
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 04 Jun 2021 02:01:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:08 GMT
Connection: keep-alive
Set-Cookie: CMID=YLmJZNspkxR-NUKkLj.b1QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 04 Jun 2022 02:01:08 GMT CMPS=5236;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 02:01:08 GMT

GET
H2 200 / Show response
spl.zeotap.com/ Frame 9AA2 8 KB
2 KB 65ms
41ms Document
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6df3484a221ebccda6a7ad021b3cfe9f61f35c1309ac6fe9d50ba454a2d71b5d

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
set-cookie: zc=1a4ff3a5-5629-4180-63a2-59891f08cd19; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%EFNm%80%E6%C9%FD%02%9E%D4%5DHRJ%DD%60%DD%99%AC%F3Hj%7D%EA%DF%05%8F%EA%22%87n%00%95g%E3%08%AA%12o%D34V%FFX%BCD%D7z%0A%8Bg%06%AF%12%2F%5B%0A%85%CAG%9D%28%9Bm%8C%C0%E6%D8Rs%C5%23%8E%D1%CC%C3%F8%3Ec%C6%940%F4%21%7F%BC55%A8%C2%C9_%FF%B1%3A%DC%A98TD%3DC%AC%1B%A7%EC%C0Fq%D02%CA%D5%3A%F0%8Az%7Cc4%C5%C1%E8%A5%82%C2X%E9%AF%1C%EE%D6%D5%3D%DEY%86%E9%84%9D%F8%2B%B0%D4%C6%29~%F9%B4%5D%FE%E7%CA%87%D1%1A%16t%19%B2%DB%C6%11%FAsG%D9%E4; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0a7659ba9f0000dfbbb73a1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659d923dcb0bdfbb-FRA
content-encoding: br

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E6A7 31 KB
9 KB 37ms
36ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9867
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9301
Expires: Fri, 04 Jun 2021 04:45:31 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772064922&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5C18 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:04 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FC71 338 KB
116 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:04 GMT

GET
H2

200

um
sync.e-planning.net/ Frame E6A7
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
https://sync.e-planning.net/um?uid=KPHOL4K3-6-43Q0&dc=9bcc91305985f0db&iss=1

42 B
104 B

344ms
35ms

Image
image/gif

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=KPHOL4K3-6-43Q0&dc=9bcc91305985f0db&iss=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
server: openresty
content-type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://sync.e-planning.net/um?uid=KPHOL4K3-6-43Q0&dc=9bcc91305985f0db&iss=1
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 9AA2 0
0 36ms
36ms Image
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73...
https://mwzeom.zeotap.com/mw?google_gid=CAESED-hPF7-cQlLXF_UxnRxn-k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f...

95 B
189 B

34ms
33ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESED-hPF7-cQlLXF_UxnRxn-k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d923e6b9fdfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659bb070000dfbbf23e3000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESED-hPF7-cQlLXF_UxnRxn-k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=0fc70080-124f-472c-8edd-8854364bcc09&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829...

95 B
228 B

32ms
32ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=0fc70080-124f-472c-8edd-8854364bcc09&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d9253785adfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659c82a0000dfbbc9083000000001

Redirect headers

date: Fri, 04 Jun 2021 02:01:08 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://mwzeom.zeotap.com/mw?cid=0fc70080-124f-472c-8edd-8854364bcc09&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
alt-svc: clear
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame 9AA2 0
330 B 50ms
40ms Image
text/plain 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D1...
https://mwzeom.zeotap.com/mw?cid=536177cc-28b9-47af-b08e-8f615acda350&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829...

95 B
178 B

38ms
36ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=536177cc-28b9-47af-b08e-8f615acda350&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d923e9bbddfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659bb1a0000dfbb4c010000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=536177cc-28b9-47af-b08e-8f615acda350&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 481

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame 9AA2 0
55 B 1833ms
101ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 68
date: Fri, 04 Jun 2021 02:01:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1622772067.728033,VS0,VE68
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11552-HHN

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 9AA2 0
361 B 301ms
96ms Image
text/html 2607:ae80:5::49
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:5::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:05 GMT
Cache-Control: no-store
Expires: 0
Content-Type: text/html
Content-Length: 0
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9AA2 0
41 B 39ms
30ms Image
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=136...
https://mwzeom.zeotap.com/mw?cid=c8079880-3736-41e4-8e20-71ab047a948a&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
178 B

33ms
32ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c8079880-3736-41e4-8e20-71ab047a948a&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d923f0c47dfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659bb640000dfbb62309000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
server: Apache-Coyote/1.1
location: https://mwzeom.zeotap.com/mw?cid=c8079880-3736-41e4-8e20-71ab047a948a&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1a4ff3a5-5629-4180-63a2-59891f08cd19&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1a4ff3a5-5629-4180-63a2-59891f08cd19&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=29802880632665058933582141027718999827&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-...

95 B
178 B

34ms
33ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=29802880632665058933582141027718999827&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d925b8fdcdfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659cd380000dfbbfb19d000000001

Redirect headers

DCS: dcs-prod-irl1-1-v008-053c4cf60.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: liEwiJhAQJg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=29802880632665058933582141027718999827&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame 9AA2 0
324 B 6122ms
33ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://bn01.er.bemail.it/zeotap.php?_bid=1a4ff3a5-5629-4180-63a2-59891f08cd19&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-...
https://mwzeom.zeotap.com/mw?cid=BE1-2021060404-65913-0.510130001622772068-021840a42fa65a44433f2f47a03d6bb2&zdid=533&env=mWeb

95 B
298 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=BE1-2021060404-65913-0.510130001622772068-021840a42fa65a44433f2f47a03d6bb2&zdid=533&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d926aadcfdfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659d6a60000dfbb0a98b000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=BE1-2021060404-65913-0.510130001622772068-021840a42fa65a44433f2f47a03d6bb2&zdid=533&env=mWeb
Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: nginx/1.10.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=6969752960922679444&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-...

95 B
201 B

32ms
31ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=6969752960922679444&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d92515e3edfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659c6d30000dfbbd6312000000001

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=6969752960922679444&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 9AA2
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=1a4ff3a5-5629-4180-63a2-59891f08cd19
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1a4ff3a5-5629-4180-63a2-59891f08cd19

95 B
414 B

44ms
43ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1a4ff3a5-5629-4180-63a2-59891f08cd19

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:08 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Fri, 04 Jun 2021 02:01:08 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=1a4ff3a5-5629-4180-63a2-59891f08cd19
alt-svc: clear
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1a4ff3a5-5629-4180-63a2-59891f08cd19&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1a4ff3a5-5629-4180-63a2-59891f08cd19&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=3EXDnMGoOyDgRwc656aA3e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-48...

95 B
178 B

32ms
31ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=3EXDnMGoOyDgRwc656aA3e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d924bf982dfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659c37a0000dfbb0111e000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:07 GMT
via: 1.1 google
last-modified: Fri, 04 Jun 2021 02:01:07 GMT
server: nginx/1.12.0
location: https://mwzeom.zeotap.com/mw?webouuid=3EXDnMGoOyDgRwc656aA3e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 2.gif
dmp.theadex.com/d/949/i/ Frame 9AA2 36 B
378 B 96ms
29ms Image
image/gif 89.163.159.109
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=1a4ff3a5-5629-4180-63a2-59891f08cd19&axd_pid=175
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.163.159.109 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
server: nginx
p3p: CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 36
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1a4ff3a5-5629-4180-63a2-59891f08cd19?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=1a4ff3a5-5629-4180-63a2-59891f08cd19?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=e3cbda4a3a0ae2318fc27d777e0b117c&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55...

95 B
281 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=e3cbda4a3a0ae2318fc27d777e0b117c&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d9258fdaedfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659cb9e0000dfbb01172000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:09 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=e3cbda4a3a0ae2318fc27d777e0b117c&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
cache-control: no-cache
x-server: 10.45.1.155
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-oBmroA1E2oo3dWskrygQ0ztUvLJUwOyTCQ--~A&zpartnerid=570&env=mWeb

95 B
202 B

32ms
32ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-oBmroA1E2oo3dWskrygQ0ztUvLJUwOyTCQ--~A&zpartnerid=570&env=mWeb
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d92474d36dfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659c0910000dfbbba842000000001

Redirect headers

date: Fri, 04 Jun 2021 02:01:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-oBmroA1E2oo3dWskrygQ0ztUvLJUwOyTCQ--~A&zpartnerid=570&env=mWeb
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ff9l181Aflt0LHUgwPtf3%2F0%2FgUEbeQ6t%2BS41iYitP1U%3D

95 B
178 B

30ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ff9l181Aflt0LHUgwPtf3%2F0%2FgUEbeQ6t%2BS41iYitP1U%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d92485e2cdfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659c1350000dfbbce9c0000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:06 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ff9l181Aflt0LHUgwPtf3%2F0%2FgUEbeQ6t%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame 9AA2 43 B
324 B 1148ms
52ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=1a4ff3a5-5629-4180-63a2-59891f08cd19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:07 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 9AA2 0
337 B 165ms
54ms Image
text/plain 34.252.41.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.41.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-41-130.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=63 t=1622772066
x-served-by: beacon-n010-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 9AA2 95 B
358 B 39ms
34ms Image
image/png 168.119.146.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=1a4ff3a5-5629-4180-63a2-59891f08cd19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.39.146.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
server: nginx/1.10.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YLmJXgABiB9EuQA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62...

95 B
178 B

30ms
29ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YLmJXgABiB9EuQA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d923efc32dfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659bb5c0000dfbb3a3f0000000001

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1622772065.003053,VS0,VE93
x-served-by: cache-fra19144-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YLmJXgABiB9EuQA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9AA2
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?cid=fd6260b9-895d-4c00-b58f-aab0a8711566&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6...

95 B
201 B

31ms
31ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=fd6260b9-895d-4c00-b58f-aab0a8711566&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 659d924b48bedfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659c3090000dfbbbd10e000000001

Redirect headers

Date: Fri, 04 Jun 2021 02:01:07 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=fd6260b9-895d-4c00-b58f-aab0a8711566&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 04 Jun 2021 02:03:15 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9AA2
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=OKQKyF1i&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=1a4ff3a5-5629-4180-63a2-59891f08cd19

0
335 B

55ms
54ms

Image
text/plain

34.252.41.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=1a4ff3a5-5629-4180-63a2-59891f08cd19
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.41.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-41-130.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1622772067
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 04 Jun 2021 02:01:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: https://spl.zeotap.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html; charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=1a4ff3a5-5629-4180-63a2-59891f08cd19
access-control-allow-credentials: true
cf-ray: 659d924dbb28dfbb-FRA
access-control-allow-headers: *
cf-request-id: 0a7659c4960000dfbb6e0ab000000001

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 9AA2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1a4ff3a5-5629-4180-63a2-59891f08cd19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1a4ff3a5-5629-4180-63a2-59891f08cd19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a...

43 B
433 B

54ms
53ms

Image
image/gif

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1a4ff3a5-5629-4180-63a2-59891f08cd19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361&dcc=t
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:07 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:07 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=1a4ff3a5-5629-4180-63a2-59891f08cd19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 87734
tags.bluekai.com/site/ Frame 9AA2 62 B
425 B 241ms
175ms Image
image/gif 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=1a4ff3a5-5629-4180-63a2-59891f08cd19&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:07 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 745f
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame 9AA2 0
38 B 167ms
51ms Image
text/plain 34.249.223.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1a4ff3a5-5629-4180-63a2-59891f08cd19%26reqId%3D15fb8f6c-55a6-4829-73c5-b62735f28fcc%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.223.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-223-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:07 GMT
content-length: 0

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 9AA2 557 B
516 B 45ms
42ms Script
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a38e017c53d62f8dadcdc3840e9f81b647845466c3f8326e3bd99fdae03c99b1

Request headers

Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 659d923e2b60dfbb-FRA
date: Fri, 04 Jun 2021 02:01:05 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 0a7659bad90000dfbb6e040000000001

GET
H2 204 cmp
spl.zeotap.com/ Frame 9AA2 0
0 39ms
39ms Document
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1a4ff3a5-5629-4180-63a2-59891f08cd19&reqId=15fb8f6c-55a6-4829-73c5-b62735f28fcc&zdid=1361&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=1a4ff3a5-5629-4180-63a2-59891f08cd19; zsc=%EFNm%80%E6%C9%FD%02%9E%D4%5DHRJ%DD%60%DD%99%AC%F3Hj%7D%EA%DF%05%8F%EA%22%87n%00%95g%E3%08%AA%12o%D34V%FFX%BCD%D7z%0A%8Bg%06%AF%12%2F%5B%0A%85%CAG%9D%28%9Bm%8C%C0%E6%D8Rs%C5%23%8E%D1%CC%C3%F8%3Ec%C6%940%F4%21%7F%BC55%A8%C2%C9_%FF%B1%3A%DC%A98TD%3DC%AC%1B%A7%EC%C0Fq%D02%CA%D5%3A%F0%8Az%7Cc4%C5%C1%E8%A5%82%C2X%E9%AF%1C%EE%D6%D5%3D%DEY%86%E9%84%9D%F8%2B%B0%D4%C6%29~%F9%B4%5D%FE%E7%CA%87%D1%1A%16t%19%B2%DB%C6%11%FAsG%D9%E4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0a7659bb0c0000dfbb8219e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 659d923e7ba9dfbb-FRA

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0DA0 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101085
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FC71 44 KB
16 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:05 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FC71 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2ED0 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101085
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5C18 44 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:05 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5C18 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8721 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 385
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AC61 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 385
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C014 38 KB
14 KB 34ms
34ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=9791364A-5D70-4DE7-99E3-E3BC5164F339; chkChromeAb67Sec=1; DPSync3=1622851200%3A174%7C1623974400%3A197_219_201; SyncRTB3=1623974400%3A230_176_81_234_8_55_99_204_13_22_222_220_7_165_21_56_71_88_166_54_161_3_189%7C1625356800%3A203%7C1623369600%3A2_223_67_15%7C1623628800%3A63%7C1624060800%3A35; KRTBCOOKIE_218=22978-YLmJXgABiB9EuQA4&KRTB&23194-YLmJXgABiB9EuQA4&KRTB&23209-YLmJXgABiB9EuQA4&KRTB&23244-YLmJXgABiB9EuQA4; PUBMDCID=3; KRTBCOOKIE_391=22924-6354053604714367167&KRTB&23263-6354053604714367167; KRTBCOOKIE_22=14911-9088721734973394273; KRTBCOOKIE_27=16735-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&16736-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23019-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23114-uid:fd6260b9-895d-4c00-b58f-aab0a8711566; KRTBCOOKIE_377=6810-536177cc-28b9-47af-b08e-8f615acda350&KRTB&22918-536177cc-28b9-47af-b08e-8f615acda350&KRTB&23031-536177cc-28b9-47af-b08e-8f615acda350; PugT=1622772063; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=136619
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 02:01:05 GMT
vary: Accept-Encoding

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0DA0 156 B
142 B 198ms
198ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4102935951977254&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3944310579&sdk_apis=2%2C8&sid=2BE1A240-450E-445A-A3D5-6F45E0C7E17B&eid=44737475&top=https%3A%2F%2Fvnexpress.net%2F&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772065219&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=4120643957507512&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2ED0 156 B
142 B 181ms
180ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3993341797830981&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3734872174&sdk_apis=2%2C7%2C8&sid=18CF683D-C254-4C90-908A-C01F95B18A94&eid=44736271%2C44737473&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772065225&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=680470578391778&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C014 2 KB
2 KB 31ms
31ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69447872&p=158804&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fd4df3fcc3bdd407bcb2cfbe056d56494ca5fd8867c3cd6953c53868c14a345f

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:03 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/15238/ Frame 8EBD 38 KB
11 KB 1158ms
46ms Script
application/json 52.222.158.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-126.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 03 Jun 2021 14:40:20 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 15:35:12 GMT
server: AmazonS3
age: 40847
etag: W/"2b2f816f40499d384e118ce88a266e02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 3a8edddef426fa2ccd39a94df6457fee.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: CDG52-P2
x-amz-cf-id: 2vd-mJKBE1nYFPRb7mm9Lq7uNtWGOIzTSY5o6VEnNMWh_Q73nL1PCg==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 5ECA 636 B
577 B 34ms
34ms Document
text/html 5.178.65.253
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method: GET
:authority: s.e-planning.net
:scheme: https
:path: /esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: E=AOkPQCHuLJHhD3UL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

server: openresty
date: Fri, 04 Jun 2021 02:01:05 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
etag: W/"601b131c-27c"
expires: Wed, 03 Jun 2026 02:01:05 GMT
cache-control: max-age=157680000
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 e-planning Show response
sync.quantumdex.io/usersync/ Frame 5274 3 KB
1 KB 193ms
171ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/e-planning
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1c265048683ab1f28d4d7a062168b2c7c3859d3dee56fbecf3b35502bd47de

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/e-planning
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-type: text/html
set-cookie: uid=af138d11-7d69-4179-bb62-9633d92ee020; expires=Thu, 24 Jun 2021 02:01:05 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a7659bbed00004ec7469fc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hm9tG%2FsA6vEmm7maKT4TrS71KjZHlUZhB4z6myfLXTW9VDWVl11Pm5RHkFoPxy9EbkPfZDj9vvH%2FJzZDuBJO0TXwtbLnDluhQdkFZ4mjm7z5gEneAfBxaqBQxm9fO7JLT6%2Bko3z%2Fa82oU%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659d923feb194ec7-FRA
content-encoding: br

GET
H2

200

setuid Show response
rtb.adxpremium.services/ Frame 5B77
Redirect Chain

https://ads.us.e-planning.net/getuid/1/5a1ad71d2d53a0f5?https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=$UID
https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AOkPQCHuLJHhD3UL

0
1 KB

342ms
41ms

Document
text/plain

2606:4700:e6::ac40:c219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AOkPQCHuLJHhD3UL
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fads.us.e-planning.net%2Fgetuid%2F1%2F5a1ad71d2d53a0f5%3Fhttps%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: rtb.adxpremium.services
:scheme: https
:path: /setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AOkPQCHuLJHhD3UL
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.us.e-planning.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJiNmFiODYxM2U2YTFhYzEwIiwiZXhwaXJlcyI6IjIwMjEtMDYtMThUMDQ6MDE6MDMuNjAyMzM1ODQrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjY1NTc5MTcyNjk0MzIxNjc2NyIsImV4cGlyZXMiOiIyMDIxLTA2LTE4VDA0OjAxOjA0LjU1NDQ0NjY5MyswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMDRUMDQ6MDE6MDMuNjAyMzI5NDg5KzAyOjAwIn0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.us.e-planning.net/

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: SSCookie=1; Path=/; Expires=Thu, 02 Sep 2021 02:01:05 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJiNmFiODYxM2U2YTFhYzEwIiwiZXhwaXJlcyI6IjIwMjEtMDYtMThUMDQ6MDE6MDMuNjAyMzM1ODQrMDI6MDAifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFPa1BRQ0h1TEpIaEQzVUwiLCJleHBpcmVzIjoiMjAyMS0wNi0xOFQwNDowMTowNS41OTY2MTQ4NjcrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjY1NTc5MTcyNjk0MzIxNjc2NyIsImV4cGlyZXMiOiIyMDIxLTA2LTE4VDA0OjAxOjA0LjU1NDQ0NjY5MyswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMDRUMDQ6MDE6MDMuNjAyMzI5NDg5KzAyOjAwIn0=; Path=/; Domain=adxpremium.services; Expires=Thu, 02 Sep 2021 02:01:05 GMT; Secure; SameSite=None
vary: Origin
cf-cache-status: DYNAMIC
cf-request-id: 0a7659bd230000dfd38931c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TpjtzRtWsgLCAORsaYjtIemwrsaByikAshKYZi6%2BYJyyu5C%2BpQvYrwGop86xP5vsK2Fkwg5ijsZwr8ogDOZ6cKAwqhJYQ3fjplRAebHCS75kdBEmE0GG7sQti5F6AnulV3lCOlBUMovKHgoFB2hnfXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659d9241d98ddfd3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

server: openresty
date: Fri, 04 Jun 2021 02:01:05 GMT
content-type: text/html; charset=iso-8859-1
location: https://rtb.adxpremium.services/setuid?bidder=eplanning&gdpr=1&gdpr_consent=&uid=AOkPQCHuLJHhD3UL
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires: Fri, 04 Jun 2021 02:01:05 GMT
x-sid: AMS-746

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 62F1 0
44 B 1123ms
123ms Document
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Fri, 04 Jun 2021 02:01:06 GMT
server: b

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame 5E95
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

43ms
43ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1622772068327; TapAd_DID=0fc70080-124f-472c-8edd-8854364bcc09
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 04 Jun 2021 02:01:08 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Fri, 04 Jun 2021 02:01:08 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1622772068326;Expires=Tue, 03 Aug 2021 02:01:08 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=d756d393-b713-4479-9c1b-d2fc69533b75;Expires=Tue, 03 Aug 2021 02:01:08 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4E82
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:p7ASOpuU1LOZ955&gdpr=0&gdpr_consent=

42 B
289 B

32ms
31ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:p7ASOpuU1LOZ955&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:p7ASOpuU1LOZ955&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; SPugT=1622772070
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:10 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_107=1471-uid:p7ASOpuU1LOZ955; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:10 GMT; path=/ PugT=1622772070; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:10 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:10 GMT; path=/
x-lat: amspug020:0:423
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Fri, 04 Jun 2021 02:01:11 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:p7ASOpuU1LOZ955&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=p7ASOpuU1LOZ955; Domain=.w55c.net; Expires=Mon, 04-Jul-2022 02:01:12 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 04-Jul-2021 02:01:12 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 85C3
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pxt1cxW2Q5JTcoo26BJvS8TwOaQ

42 B
372 B

32ms
32ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pxt1cxW2Q5JTcoo26BJvS8TwOaQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pxt1cxW2Q5JTcoo26BJvS8TwOaQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PUBMDCID=3; SPugT=1622772070; KRTBCOOKIE_107=1471-uid:p7ASOpuU1LOZ955; PugT=1622772070
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:11 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_860=16335-pxt1cxW2Q5JTcoo26BJvS8TwOaQ; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:11 GMT; path=/ PugT=1622772071; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:11 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:11 GMT; path=/
x-lat: amspug017:0:455
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Fri, 04 Jun 2021 02:01:12 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pxt1cxW2Q5JTcoo26BJvS8TwOaQ
Set-Cookie: sa-user-id=s%3A0-5707ef25-7f97-401e-6e2f-b397b3cf526b.46wLv45Pip9ZKuf8GA3q1ZaFEICwEfyC5Dcls6Nc16E; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-5707ef25-7f97-401e-6e2f-b397b3cf526b%24ip%24196.240.57.164.%2B1VwjXLbENpHzIYI67hvAmI635gGO6R%2ByTIXPgbXECs; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4B41
Redirect Chain

https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
https://match.bnmla.com/usersync?dspid=6&uuid=C6571DA7A18D4B97BB35BB88E030C2B9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=56dd738b-56ac-4170-9993-10100673625f

42 B
547 B

31ms
31ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=56dd738b-56ac-4170-9993-10100673625f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=56dd738b-56ac-4170-9993-10100673625f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_308=22925-56dd738b-56ac-4170-9993-10100673625f&KRTB&23158-56dd738b-56ac-4170-9993-10100673625f; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:15 GMT; path=/ PugT=1622772075; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 04-Jul-2021 02:01:15 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:15 GMT; path=/
x-lat: amspug017:0:279
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 04 Jun 2021 02:01:16 GMT
Content-Length: 0
Connection: keep-alive
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=56dd738b-56ac-4170-9993-10100673625f

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C6D6
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4CCDE0A0FAC94D62B005743F5EC7C30A

1 B
144 B

31ms
31ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4CCDE0A0FAC94D62B005743F5EC7C30A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4CCDE0A0FAC94D62B005743F5EC7C30A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Fri, 04 Jun 2021 02:01:10 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 02-Sep-2021 02:01:10 GMT; path=/
x-lat: amspug016:0:384
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Fri, 04 Jun 2021 02:01:10 GMT
content-type: text/html
content-length: 154
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4CCDE0A0FAC94D62B005743F5EC7C30A
set-cookie: suid=4CCDE0A0FAC94D62B005743F5EC7C30A; Path=/; domain=simpli.fi; Expires=Sun, 05-Jun-22 02:01:10 GMT; SameSite=none; Secure; suid_legacy=4CCDE0A0FAC94D62B005743F5EC7C30A; Path=/; domain=simpli.fi; Expires=Sun, 05-Jun-22 02:01:10 GMT; Secure;
expires: Thu, 03 Jun 2021 02:01:10 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame C014
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9791364A-5D70-4DE7-99E3-E3BC5164F339&addseg=19,36,42

7 B
78 B

113ms
39ms

Image
text/plain

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9791364A-5D70-4DE7-99E3-E3BC5164F339&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
content-length: 7
content-type: text/plain; charset=utf-8

Redirect headers

date: Fri, 04 Jun 2021 02:01:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=9791364A-5D70-4DE7-99E3-E3BC5164F339&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame C014
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9791364A-5D70-4DE7-99E3-E3BC5164F339&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9791364A-5D70-4DE7-99E3-E3BC5164F339&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

43ms
42ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9791364A-5D70-4DE7-99E3-E3BC5164F339&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:11 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:11 GMT
frontend-id: 0
location: /pubmatic/1/info2?sType=sync&sExtCookieId=9791364A-5D70-4DE7-99E3-E3BC5164F339&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame C014 95 B
196 B 37ms
35ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=9791364A-5D70-4DE7-99E3-E3BC5164F339
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 659d923fed3bdfbb-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a7659bbf50000dfbb10a2b000000001

GET
H2

204

/
loadm.exelator.com/load/ Frame C014
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=71&buid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=0&gdpr_consent=&j=0
https://loadm.exelator.com/load/?p=204&g=71&buid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

0
751 B

39ms
39ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=71&buid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 04 Jun 2021 02:01:16 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=71&buid=9791364A-5D70-4DE7-99E3-E3BC5164F339&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C014
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bfcb1713-c4d8-11eb-bdfa-8bc0de1c9fb7&gdpr=0&gdpr_consent=

1 B
235 B

31ms
31ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bfcb1713-c4d8-11eb-bdfa-8bc0de1c9fb7&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:15 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:366
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bfcb1713-c4d8-11eb-bdfa-8bc0de1c9fb7&gdpr=0&gdpr_consent=
Date: Fri, 04 Jun 2021 02:01:17 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: bfcb1714-c4d8-11eb-bdfa-8bc0de1c9fb7

GET
H2 200 GS.d Show response
js.cookieless-data.com/ Frame 5ECA 0
367 B 146ms
48ms Script
text/plain 51.158.28.83
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1622772065275

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-83.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5274
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-GMHYAb9E2uFIl05DiWKmHSf2.r5SKHZfxIcsEyc-~A

43 B
356 B

134ms
134ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-GMHYAb9E2uFIl05DiWKmHSf2.r5SKHZfxIcsEyc-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CSljErWgIf%2FkAmSUkzGjeFME58%2BFdPPjBH7thd8OE%2F3lHjKdgMAusW1BTH7TLr09Ht%2BTcfFgrHJSZqClPcVeFmA%2BC3UtChgOlG0X8mBWb2IM53ZGYzdtCnA6y8wmNGAXbF9cOvnCEg0JtHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659d92412d414ec7-FRA
content-length: 43
cf-request-id: 0a7659bcbd00004ec765074000000001

Redirect headers

Date: Fri, 04 Jun 2021 02:01:05 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-GMHYAb9E2uFIl05DiWKmHSf2.r5SKHZfxIcsEyc-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5274
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=655791726943216767

43 B
341 B

129ms
129ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=655791726943216767
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YAHC8PHUrh2YHiRVYY2rPLKwMIscL%2BNl2oCUEDEiur1wjAD2gLx5yWRubEsGqoGh7h6q3gIFL7XCF6sD22OgQKD1iBRxnWpxujt1oWaFihTf07TGQ3gUQ%2BhYmO1kRy%2B7Z3DRfozmQvHqdcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659d92419dc54ec7-FRA
content-length: 43
cf-request-id: 0a7659bd0100004ec73f197000000001

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:05 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.46:80
AN-X-Request-Uuid: d1969a94-a318-4c0b-be17-cda8d2bc0a95
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=655791726943216767
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5274
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=655791726943216767

43 B
346 B

129ms
128ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=655791726943216767
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vQ3CJqYP7FGVAidx4XAa0EVah7Dh%2FkaGeieOEAUnj6v%2FS4fYgzQKYmyN6%2FONxVOOOZifz7M81Kck0jVrnmlH8%2BPLs5MYGlQpMrp%2BMITtY9ielrP6qrH6nzGIe1KRPYcYRKlpvvbQplsGn%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659d9241addf4ec7-FRA
content-length: 43
cf-request-id: 0a7659bd0900004ec773a08000000001

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:05 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: 2afd4c0f-8c1b-4ad2-accc-45f3ecb8d973
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=655791726943216767
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5274
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=f453d049-cae5-529b-a628-57f0c691de98

43 B
510 B

133ms
133ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=f453d049-cae5-529b-a628-57f0c691de98
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3j%2FoHVw2ESSL2wHf%2Bu0n1SMSWMO%2Fy2UuUIanPTVig5JrDYoYhcq8BX6M%2FO6dF2i%2FnTjcf71wPLteWH%2Fe7DRx5pzbk6uIrToC77q9GMvZ19aQT8%2BSnIPLEE8x8YqegUkqyGEz9nm%2FFKDSYAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659d926f2a884ec7-FRA
content-length: 43
cf-request-id: 0a7659d97a00004ec738acd000000001

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=f453d049-cae5-529b-a628-57f0c691de98
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 5274 0
474 B 37ms
35ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5274
Redirect Chain

https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
https://sync.quantumdex.io/setuid?bidder=adman&uid=9a4adf7533dc217de2293d5fb76b49e49337c1c7

43 B
368 B

126ms
126ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=adman&uid=9a4adf7533dc217de2293d5fb76b49e49337c1c7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yiC%2B72xaxmLmnUWRdgK1PmgfeVFFSrU%2FEe5MNhLHqCXfMLgBUZPjgZmqdGqujyTjfHwNKlT1OdKgsZoMYyrUCyHq1rUpgQJjO0WDIpb4KjpztIyy1gmaX6%2Fz3uOQHDTd%2F7Ch8ATlM4cMlwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659d9256adc14ec7-FRA
content-length: 43
cf-request-id: 0a7659ca2800004ec7ff0c5000000001

Redirect headers

Location: https://sync.quantumdex.io/setuid?bidder=adman&uid=9a4adf7533dc217de2293d5fb76b49e49337c1c7
Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

setuid
sync.quantumdex.io/ Frame 5274
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=655791726943216767

43 B
341 B

124ms
123ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=655791726943216767
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6JXySQ9u3cdFsrZ19SfwY8NA0mYUT6H90nXNzHu7JUoUTGVlFfsaYvgcfDYi3cGOOIawrTAUNxOPm5aYJiD%2BTgyDd0i526mTmmEEw3xnGsZQPSR6Pr6mKY%2FD6HPRndADUEZwDuUDaWOKogA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659d9241ce204ec7-FRA
content-length: 43
cf-request-id: 0a7659bd2000004ec767263000000001

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:05 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid: 500955d5-2877-421a-9c88-f1994d6ebe16
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=655791726943216767
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 um
sync.e-planning.net/ Frame 5274 42 B
103 B 37ms
35ms Image
image/gif 46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=af138d11-7d69-4179-bb62-9633d92ee020
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
server: openresty
content-type: image/gif

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0033 3 KB
1 KB 32ms
31ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

a58f914bec3355894155534218419c28daf3f972cf3a41449bf8318b91584d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OTP=6KAwdfX7Wwm6VRDxQQ9nuC4Q6kmlxM6cdtKAUbEEJU8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=0sOJHKn1-NnkNZo73kE2J1gAeHZsE_bWGlnaL3EqPJ4; path=/; expires=Sun, 04 Jun 2023 02:01:05; domain=onetag-sys.com; SameSite=None; Secure
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 978A 0
0 3456ms
149ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-110.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Fri, 04 Jun 2021 02:01:08 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame A26B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

42ms
41ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9bf5f019522d7bade2a4451173bd58b8428994909ce229158ad9a12d6395d49c

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLmJYtQ9GfbVtRnS2n9s8wAA; CMPS=5236
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|45|230|46|218|47|191
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1867
Expires: Fri, 04 Jun 2021 02:01:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:06 GMT
Connection: keep-alive
Set-Cookie: CMID=YLmJYtQ9GfbVtRnS2n9s8wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 04 Jun 2022 02:01:06 GMT CMPS=5236;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 02:01:06 GMT CMPRO=1185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 02:01:06 GMT CMRUM3=2760b989620b40&2f60b9896205a0&da60b989622760&2d60b9896205a0&f160b9896205a0&bf60b9896205a0&e660b989622760&2e60b9896205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 04 Jun 2022 02:01:06 GMT CMST=YLmJYmC5iWIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 05 Jun 2021 02:01:06 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 04 Jun 2021 02:01:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:06 GMT
Connection: keep-alive
Set-Cookie: CMID=YLmJYtQ9GfbVtRnS2n9s8wAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 04 Jun 2022 02:01:06 GMT CMPS=5236;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 02:01:06 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame FD82 43 B
551 B 69ms
35ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Fri, 04 Jun 2021 02:01:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YLmJZ; path=/; domain=.go.sonobi.com

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame 0033
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=536177cc-28b9-47af-b08e-8f615acda350&ttl=1625364065

43 B
375 B

31ms
31ms

Image
image/gif

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=536177cc-28b9-47af-b08e-8f615acda350&ttl=1625364065

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=536177cc-28b9-47af-b08e-8f615acda350&ttl=1625364065
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 0033 42 B
720 B 32ms
31ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=6KAwdfX7Wwm6VRDxQQ9nuC4Q6kmlxM6cdtKAUbEEJU8
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2 204 sync
pixel.advertising.com/ups/58198/ Frame 0033 0
124 B 33ms
32ms Image
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
sync.quantumdex.io/ Frame 0033 43 B
343 B 131ms
130ms Image
image/gif 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=onetag&uid=6KAwdfX7Wwm6VRDxQQ9nuC4Q6kmlxM6cdtKAUbEEJU8
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5vZvXBAA163g%2Fw2oBkk9XtlAx2xiQrYWc4AX8xosj3YH1qjztftwrnpM5dZrY7yVEOPrjx%2BwZ17643wkekZOi54glcwRf7Pxgi4UJ3Ne8R0Gsx%2FsNkL0ZmIwKQzc0ImUGlcQE0UZi%2Fq39TY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659d92413d494ec7-FRA
content-length: 43
cf-request-id: 0a7659bcc100004ec73c908000000001

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 119ms
119ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A26B 70 B
264 B 54ms
53ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLmJYtQ9GfbVtRnS2n9s8wAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A26B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB&dcc=t

43 B
433 B

119ms
119ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:07 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:06 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A26B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLmJYtQ9GfbVtRnS2n9s8wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBEjMl4hVM9AvT1dmVQWawg&google_cver=1&gdpr=1

43 B
1 KB

1173ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBEjMl4hVM9AvT1dmVQWawg&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 02:01:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBEjMl4hVM9AvT1dmVQWawg&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A26B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIcyXoAcVc1dr8ukx1ERBIU&google_cver=1

43 B
315 B

51ms
51ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIcyXoAcVc1dr8ukx1ERBIU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 04 Jun 2021 02:01:06 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIcyXoAcVc1dr8ukx1ERBIU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame A26B 0
0 37ms
35ms Image
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YLmJYtQ9GfbVtRnS2n9s8wAA%261185
dpm.demdex.net/ Frame A26B 0
0 2945ms
53ms Image
application/json 54.170.210.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YLmJYtQ9GfbVtRnS2n9s8wAA%261185?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.210.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-210-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A26B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bahfSC6J1LOZ965&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bahfSC6J1LOZ965&gdpr=1&C=1

43 B
1002 B

39ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bahfSC6J1LOZ965&gdpr=1&C=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 02:01:13 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bahfSC6J1LOZ965&gdpr=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 290
Expires: Fri, 04 Jun 2021 02:01:13 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame A26B 43 B
253 B 3463ms
141ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.40.241.35.bc.googleusercontent.com
Software: nginx/1.20.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:09 GMT
via: 1.1 google
last-modified: Fri, 04 Jun 2021 02:01:09 GMT
server: nginx/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Fri, 04 Jun 2021 02:01:10 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame A26B 43 B
367 B 242ms
241ms Image
image/gif 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YLmJYtQ9GfbVtRnS2n9s8wAABKEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:06 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JCG4JUBTe8lQRdsDgniIQKAbt04HWRxcWXboHrap0fp3dClk1%2ByrH7wYLxn7D%2FbfesyZeasJ99JCHLh%2BV4PrrRQwrR36MvG1W%2BGdhQ28BJCPrp6jqQoaxDScAUPFkepHk4QE2VfT7PL%2FYXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 659d92484fda4ec7-FRA
content-length: 43
cf-request-id: 0a7659c12c00004ec7221f3000000001

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6DB6 0
375 B 97ms
32ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection: close
date: Fri, 04 Jun 2021 02:01:05 GMT
content-encoding: gzip
server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache
content-type: text/plain; charset=utf-8

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C7AD 38 KB
14 KB 34ms
34ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/showad.js
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=9791364A-5D70-4DE7-99E3-E3BC5164F339; KRTBCOOKIE_218=22978-YLmJXgABiB9EuQA4&KRTB&23194-YLmJXgABiB9EuQA4&KRTB&23209-YLmJXgABiB9EuQA4&KRTB&23244-YLmJXgABiB9EuQA4; PUBMDCID=3; KRTBCOOKIE_391=22924-6354053604714367167&KRTB&23263-6354053604714367167; KRTBCOOKIE_22=14911-9088721734973394273; KRTBCOOKIE_27=16735-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&16736-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23019-uid:fd6260b9-895d-4c00-b58f-aab0a8711566&KRTB&23114-uid:fd6260b9-895d-4c00-b58f-aab0a8711566; KRTBCOOKIE_377=6810-536177cc-28b9-47af-b08e-8f615acda350&KRTB&22918-536177cc-28b9-47af-b08e-8f615acda350&KRTB&23031-536177cc-28b9-47af-b08e-8f615acda350; repi=1; chkChromeAb67Sec=2; DPSync3=1623974400%3A197_219_201_221_226_227_232%7C1622851200%3A174; SyncRTB3=1627948800%3A69%7C1624060800%3A35%7C1623628800%3A63%7C1623974400%3A81_231_78_176_7_161_104_234_21_71_233_165_189_88_54_5_204_13_22_220_166_230_8_55_3_57_99_222_56%7C1625356800%3A203%7C1623369600%3A67_15_2_223; KRTBCOOKIE_57=22776-655791726943216767; KRTBCOOKIE_80=22987-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&16514-CAESEEAgunsZe1UStbZDbewe4WU&KRTB&23025-CAESEEAgunsZe1UStbZDbewe4WU; KRTBCOOKIE_153=19420-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ&KRTB&22979-3efawdPujZ3G44CaiuSVyNnmis3G4o6c3O7m16kQ; KRTBCOOKIE_188=3189-no-consent; PugT=1622772066; KRTBCOOKIE_336=5844-3462424979472878295
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=136618
expires: Sat, 05 Jun 2021 15:58:04 GMT
date: Fri, 04 Jun 2021 02:01:06 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C7AD 182 B
405 B 31ms
31ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33378321&p=159760&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 7ca9f4cee2e6b7806786a2757541b2ede76d9ba0088ffe96530fc108adff1a3f

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 182
content-type: text/html; charset=UTF-8

GET
H2 200 setuid Show response
rtb.adxpremium.services/ Frame 2CCA 0
923 B 290ms
13ms Document
text/plain 2606:4700:e6::ac40:c219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: rtb.adxpremium.services
:scheme: https
:path: /setuid?bidder=pubmatic&gdpr=1&gdpr_consent=&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCookie=1; uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJiNmFiODYxM2U2YTFhYzEwIiwiZXhwaXJlcyI6IjIwMjEtMDYtMThUMDQ6MDE6MDMuNjAyMzM1ODQrMDI6MDAifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFPa1BRQ0h1TEpIaEQzVUwiLCJleHBpcmVzIjoiMjAyMS0wNi0xOFQwNDowMTowNS41OTY2MTQ4NjcrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjY1NTc5MTcyNjk0MzIxNjc2NyIsImV4cGlyZXMiOiIyMDIxLTA2LTE4VDA0OjAxOjA0LjU1NDQ0NjY5MyswMjowMCJ9fSwiYmRheSI6IjIwMjEtMDYtMDRUMDQ6MDE6MDMuNjAyMzI5NDg5KzAyOjAwIn0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 04 Jun 2021 02:01:07 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: SSCookie=1; Path=/; Expires=Thu, 02 Sep 2021 02:01:07 GMT; Secure; SameSite=None uids=eyJ0ZW1wVUlEcyI6eyJhZHRlbGxpZ2VudCI6eyJ1aWQiOiJiNmFiODYxM2U2YTFhYzEwIiwiZXhwaXJlcyI6IjIwMjEtMDYtMThUMDQ6MDE6MDMuNjAyMzM1ODQrMDI6MDAifSwiZXBsYW5uaW5nIjp7InVpZCI6IkFPa1BRQ0h1TEpIaEQzVUwiLCJleHBpcmVzIjoiMjAyMS0wNi0xOFQwNDowMTowNS41OTY2MTQ4NjcrMDI6MDAifSwibWFyc21lZGlhIjp7InVpZCI6IjY1NTc5MTcyNjk0MzIxNjc2NyIsImV4cGlyZXMiOiIyMDIxLTA2LTE4VDA0OjAxOjA0LjU1NDQ0NjY5MyswMjowMCJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiI5NzkxMzY0QS01RDcwLTRERTctOTlFMy1FM0JDNTE2NEYzMzkiLCJleHBpcmVzIjoiMjAyMS0wNi0xOFQwNDowMTowNy4yOTk1NTAyNDQrMDI6MDAifX0sImJkYXkiOiIyMDIxLTA2LTA0VDA0OjAxOjAzLjYwMjMyOTQ4OSswMjowMCJ9; Path=/; Domain=adxpremium.services; Expires=Thu, 02 Sep 2021 02:01:07 GMT; Secure; SameSite=None
vary: Origin
cf-cache-status: DYNAMIC
cf-request-id: 0a7659c3da0000dfd39c3a9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mDcPiA1lkEhymr78K0WyCayzce6zmH7JYWkKSCX%2Bosg38pR2t%2FiKaZAT%2FXe1HdvHerxWs6AeHmDmGJ4OFWLheNpLTnCksXyvjHIpFAhWspyHnZK7jxj%2BhvgJgK7dj1hLxTG6IwEc5d8uEa9dWjpjgmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 659d924c8b15dfd3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200

p
a.audrte.com/ Frame C7AD
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=9791364A-5D70-4DE7-99E3-E3BC5164F339
https://a.audrte.com/p

68 B
805 B

120ms
120ms

Image
image/png

34.193.191.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.191.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:10 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 04 Jun 2021 02:01:10 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame C014 0
154 B 32ms
32ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158804&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 YLmJZNspkxR_NUKkLj-b1QAABKEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 44D2 43 B
192 B 34ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YLmJZNspkxR_NUKkLj-b1QAABKEAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 44D2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYBE7BcxMAADLZlL-lkQ&expiration=1623981669&gdpr=1

43 B
1 KB

39ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYBE7BcxMAADLZlL-lkQ&expiration=1623981669&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 02:01:09 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADYBE7BcxMAADLZlL-lkQ&expiration=1623981669&gdpr=1
Date: Fri, 04 Jun 2021 02:01:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 44D2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fd6260b9-895d-4c00-b58f-aab0a8711566&gdpr=1&gdpr_consent=

43 B
1 KB

183ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fd6260b9-895d-4c00-b58f-aab0a8711566&gdpr=1&gdpr_consent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 02:01:08 GMT

Redirect headers

Date: Fri, 04 Jun 2021 02:01:00 GMT
Server: MT3 3759 5f8f15b master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fd6260b9-895d-4c00-b58f-aab0a8711566&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Jun 2021 02:00:59 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 44D2 0
234 B 36ms
35ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YLmJZNspkxR_NUKkLj-b1QAABKEAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 44D2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLmJZNspkxR-NUKkLj.b1QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBEjMl4hVM9AvT1dmVQWawg&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

51ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBEjMl4hVM9AvT1dmVQWawg&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 02:01:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBEjMl4hVM9AvT1dmVQWawg&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 44D2 43 B
408 B 714ms
36ms Image
image/gif 72.251.241.204
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:08 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-6
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 44D2
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9088721734973394273

43 B
1 KB

166ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9088721734973394273
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 02:01:08 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9088721734973394273
pragma: no-cache
date: Fri, 04 Jun 2021 02:01:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 um
u-ams02.e-planning.net/ Frame 44D2 42 B
103 B 37ms
37ms Image
image/gif 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=4654c36c83c62387&uid=YLmJZNspkxR-NUKkLj.b1QAA%261185
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:08 GMT
server: openresty
content-type: image/gif

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame B444
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

118ms
118ms

Document
text/html

54.204.142.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4654c36c83c62387%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-142-198.compute-1.amazonaws.com
Software: /
Resource Hash: d5d87e149d1866d49426522b649401871330e868810ff315d0b25c9943102687

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=cc08ff4c-88b6-44a9-b74b-78fa22822333
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum.casalemedia.com/

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Fri, 04 Jun 2021 02:01:09 GMT
pragma: no-cache

Redirect headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=cc08ff4c-88b6-44a9-b74b-78fa22822333; Path=/; Domain=eqads.com; Expires=Sat, 04 Sep 2021 02:01:09 GMT; Secure; SameSite=None

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=bid&cb=1622772069364&asid=60802fa7bda96b4f7761daec%2C60938ff57621683c2c6776a3%2C5e5e346c28a0613c6a54f5b4&ofpr=%2C%2C&fpo=%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 8C6F 15 KB
7 KB 155ms
52ms Script
application/javascript 52.48.131.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=e10f7624-7ab1-4512-acf0-12bfac6aaf68&pblob=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.131.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-131-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9e9ed2cc2926ccebd564aa7c858d9ec3caae8dfab26e9252bbd139140e015238

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6634

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0F49 338 KB
116 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 43D0 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9D46 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101089
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 43D0 44 KB
16 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 43D0 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A828 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101089
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0F49 44 KB
16 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0F49 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 20D9 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 389
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5BDF 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 389
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame 8C6F 317 KB
102 KB 30ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1245982&orgId=23089&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=http%3A%2F%2Fvnexpress.net&vrid=e10f7624-7ab1-4512-acf0-12bfac6aaf68&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 02 Jun 2021 13:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130554
x-amz-server-side-encryption: AES256
x-amz-storage-class: STANDARD_IA
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: cEt0oOK/aLb2WMn33nTwvcMwrEK3ao9e92CWjv+wzLBXvHR58byl1JqXDTaG/WGi4z6alkEt8xs=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: SE9JFZ4QRMA96KBF
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 8C6F 43 B
246 B 101ms
31ms Image
image/gif 18.185.190.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59ae8acf7cdce04271395139&s=true&pv=10.2.63&ifr=true&cb=0.7394530771164118&pt=o2unit&sid=33cc87c2-ab4e-43bb-8104-1bcbfe9353fc&r=https%3A%2F%2Fvnexpress.net%2F
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9D46 156 B
142 B 199ms
199ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107863627%2FANI-vnexpress.net-web&description_url=http%3A%2F%2Fvnexpress.net&tfcd=0&npa=0&sz=400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=183206048462754&nofb=1&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2089706068&sdk_apis=2%2C8&sid=9C483AD8-A7C9-40FF-AE2C-FDC9823D1985&eid=210640812&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772069636&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=1379813536914520&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame B444 43 B
1 KB 37ms
36ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=cc08ff4c-88b6-44a9-b74b-78fa22822333&expiration=1630720869
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ 133 KB
44 KB 1107ms
32ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 323F191B2EF28804
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26829
accept-ranges: bytes
content-length: 44266
x-amz-id-2: w1vBWHvJ9SRbTv6kBUzFv3+JSN3a/Rn6XLROBEKaUemhdjhQ2HcKwcNvnRLQiZ2qBEcwDFhSxhs=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame BC0E 2 KB
781 B 7ms
6ms Document
text/html 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

x-amz-id-2: F8WiGMGCkbkHh0BYm/PJNraotFAZyyavWlOMaXrjib6+P+JLMP04+ahKhLmXEo7NexjJAn1mRcM=
x-amz-request-id: 296RWXDH630DQD6W
date: Fri, 21 May 2021 03:02:07 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 1205943
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1

200
OK

0SzYvAqqJfH4Pvhp5l0RGQ== Show response
ads-eu.v.ssp.yahoo.com/a/h/ Frame 8C6F
Redirect Chain

https://ads.adaptv.advertising.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=2772061224&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=196.240.57.164&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3...
https://ads-eu.v.ssp.yahoo.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=2772061224&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=196.240.57.164&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20...

249 B
529 B

302ms
208ms

XHR
text/xml

52.29.32.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=2772061224&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=196.240.57.164&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=52.46350&lon=13.37920&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400&a.y_rid=7afc725d-4e70-4afd-b869-ebf5a23bffc4&a.is_yahoo=3&redirect_y=dHM9MTYyMjc3MjA2OTc1Ny43NTgzMDE6YXBpZD1VUGI2YTUyYmJkLWM0ZDgtMTFlYi04Y2RiLTAyNzcwZWFjNmE1MjpyZXF1ZXN0X2lkPTdhZmM3MjVkLTRlNzAtNGFmZC1iODY5LWViZjVhMjNiZmZjNA==
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.32.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-32-79.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://vnexpress.net
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/0SzYvAqqJfH4Pvhp5l0RGQ==?cb=2772061224&gdpr=1&gdpr_consent=&pageUrl=http%3A%2F%2Fvnexpress.net&a.ip=196.240.57.164&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=52.46350&lon=13.37920&us_privacy=1---&scpid=5e4d2a2d2a62e7166c1db7a5&eov=eov&hp=1&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fvnexpress.net%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=225&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=2&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=https%3A%2F%2Fvnexpress.net%2F&width=400&a.y_rid=7afc725d-4e70-4afd-b869-ebf5a23bffc4&a.is_yahoo=3&redirect_y=dHM9MTYyMjc3MjA2OTc1Ny43NTgzMDE6YXBpZD1VUGI2YTUyYmJkLWM0ZDgtMTFlYi04Y2RiLTAyNzcwZWFjNmE1MjpyZXF1ZXN0X2lkPTdhZmM3MjVkLTRlNzAtNGFmZC1iODY5LWViZjVhMjNiZmZjNA==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 8C6F 43 B
245 B 31ms
31ms Image
image/gif 18.185.190.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=33cc87c2-ab4e-43bb-8104-1bcbfe9353fc&vvuid=e9951fd6-bdb0-47b7-b12a-30fa0d76a600&orgId=23089&plcid=1245982&vrid=e10f7624-7ab1-4512-acf0-12bfac6aaf68&ab=0&dt=113&h=225&spaceid=793604934&w=400&cb=0.12254510605052271
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 8C6F 43 B
245 B 32ms
32ms Image
image/gif 18.185.190.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=33cc87c2-ab4e-43bb-8104-1bcbfe9353fc&vvuid=e9951fd6-bdb0-47b7-b12a-30fa0d76a600&orgId=23089&plcid=1245982&vrid=e10f7624-7ab1-4512-acf0-12bfac6aaf68&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.7368449168814057
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 8C6F 43 B
245 B 32ms
32ms Image
image/gif 18.185.190.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=33cc87c2-ab4e-43bb-8104-1bcbfe9353fc&vvuid=e9951fd6-bdb0-47b7-b12a-30fa0d76a600&orgId=23089&plcid=1245982&vrid=e10f7624-7ab1-4512-acf0-12bfac6aaf68&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=225&cb=0.25864325546879696
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.8
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 02:01:09 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A828 156 B
142 B 265ms
264ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21871596757%2FANI-vnexpress.net-Web&description_url=vnexpress.net&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3850334283083335&nofb=1&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3982581209&sdk_apis=2%2C8&sid=31EA1311-957C-42DA-83E5-FAA6A1BD3499&eid=40819805&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772069695&cookie=ID%3D6858f3710ab6c25d%3AT%3D1622772059%3AS%3DALNI_MYirdMmQeB_a5GarT8LsCG4rIkAYw&scor=1015597196623262&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 124ms
124ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3333 281 B
554 B 1097ms
32ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: pux=1512%3D100131%262249%3D100131%262307%3D100131%262974%3D100131%263778%3D100131%26goog%3D100131%262249-DV360-Hosted%3D100131%26brx%3D100131%26; khaos=KPHOL4K3-6-43Q0; audit=1|i2LGsMLRd+CKTgL+xgTavtpPex04LS5tW6YwxxuVNQDPHaQ0M+WGolbpy0mGAXSujvTII3NVl8xCqQ3+tQhlLHMDvubSxZCGZ+mZHK3G62/Ik/Pf2oPXod1ZF9szPzrl0A+VO7RH1E0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 04 Jun 2021 02:01:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B8A8 52 KB
17 KB 1107ms
47ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=655791726943216767; anj=dTM7k!M4/8CxrEQF']wIg2GU$q)_I4!A#Ed.CK$wNya!tNhTox+`NN+; icu=ChgI2ZJgEAoYBSAFKAUw4JLmhQY4BUAFSAUKGAi4p3MQChgCIAIoAjDdkuaFBjgCQAJIAhDgkuaFBhgG
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 05 Jun 2021 02:01:12 GMT
Date: Fri, 04 Jun 2021 02:01:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CD01 52 KB
17 KB 1111ms
48ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://vnexpress.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=655791726943216767; anj=dTM7k!M4/8CxrEQF']wIg2GU$q)_I4!A#Ed.CK$wNya!tNhTox+`NN+; icu=ChgI2ZJgEAoYBSAFKAUw4JLmhQY4BUAFSAUKGAi4p3MQChgCIAIoAjDdkuaFBjgCQAJIAhDgkuaFBhgG
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sat, 05 Jun 2021 02:01:12 GMT
Date: Fri, 04 Jun 2021 02:01:10 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame 8C6F 43 B
245 B 32ms
31ms Image
image/gif 18.185.190.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59ae8acf7cdce04271395139&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fvnexpress.net%2F&s=true&sid=33cc87c2-ab4e-43bb-8104-1bcbfe9353fc&vvuid=e9951fd6-bdb0-47b7-b12a-30fa0d76a600&orgId=23089&plcid=1245982&vrid=e10f7624-7ab1-4512-acf0-12bfac6aaf68&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=400&aert=399&ar=no&fo=0&ft=0&h=225&cb=0.3519106677285997
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Fri, 04 Jun 2021 02:01:10 GMT

GET vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 0
0

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ 27 B
1 KB 40ms
40ms XHR
application/xml 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=20544214&cbb=2772070087

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:10 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid: 3951aca6-ae60-4e49-85f5-7d7dc7ab06fc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622772070088&asid=603f38f09b9e2133d66bc06b%2C5f0e87a3db73b9083a397ae5%2C603f3845a58ab3069815987b%2C5fb766e909e8a7781132bf27%2C60506bdaaf1c271e961fe515%2C6050a53041a04e37862d1575%2C603f39fdf8b9bb72a801f4d4&ofpr=1%2C%2C1%2C3%2C%2C1.5%2C1&fpo=%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 89ms
89ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 323674f1d4499c3b6949000ea9bb84f23d82a7ee8023315da105fa966c2b38f4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST mvo
tag.1rx.io/rmp/211377/0/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 442ms
43ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

245673ed9818c97a01129bfbdab0ffe664ce21a3fa127a7646d0e59c40c609a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:10 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.123:80
AN-X-Request-Uuid: 0ec902fe-2ef5-4905-af5c-d9c3a2fc65c2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 95ms
94ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8ad7653fa98ecddfbf684d622756071186255f2086db07b9eb0c5f7069163703

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 112ms
111ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b4c2e1a3ef272d799a679373bff377eaa6c113c579edbd7429f27f7c60de02a8

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 113ms
44ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772070424

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:10 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.121:80
AN-X-Request-Uuid: 75b5db07-2112-417c-9b82-2c5d213d8211
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 155ms
42ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772070424

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:10 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid: 31c25e66-773c-45c5-bff7-f00777b1bf81
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772070425&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 118ms
59ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 80ms
80ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aec2ee165a34c110dca711c4178d4d8eb93196ab987ea047c7b76f9cd10de10e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 102ms
102ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTNlMGQ5ZjY4LTU1MDItNGFiMy05NTcxLTRkNTUxODhkZGY0Zg%3D%3D&pt=net&stid=7c2258f5-f3a3-402d-b27e-7df706a17012&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:10 GMT
X-SpotX-Timing-Transform: 0.000256
X-SpotX-Timing-SpotMarket: 0.003814
X-SpotX-Timing-Page-Mux: 0.000962
X-SpotX-Timing-Page-Require: 0.000304
X-fe: 131
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.007472
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000280
Last-Modified: Fri, 04 Jun 2021 02:01:10 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003814
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.001844
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 81ms
81ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2a4a7cc5675ee83148b3825a6ad567c398e9728bd1f41bae7446ce786ed61d01

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 120ms
59ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
40ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:10 GMT
X-SpotX-Timing-Transform: 0.000491
X-SpotX-Timing-SpotMarket: 0.003796
X-SpotX-Timing-Page-Mux: 0.001178
X-SpotX-Timing-Page-Require: 0.000566
X-fe: 083
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008596
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000293
Last-Modified: Fri, 04 Jun 2021 02:01:10 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003796
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002258
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 147ms
146ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772070581&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 93A0 338 KB
116 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:10 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6179 338 KB
116 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:10 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 496B 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101090
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6179 44 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6179 107 B
165 B 31ms
27ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0ED6 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101090
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 93A0 44 KB
16 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 93A0 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4B2F 36 KB
12 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 390
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 30BC 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 390
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
DATA 200
OK truncated
/ Frame 496B 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
31ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1622772070893&de=839536360286&d=229%3A-%3A-%3A-&bo=vnexpress.net&bd=vnexpress.net&f=0&cs=0
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Jun 2021 02:01:10 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 496B 0
20 B 27ms
26ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.463.0&id=ima_html5&c=1561069720797885&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 496B 0
20 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.463.0&e=420706097%2C44725356&id=ima_html5&c=1561069720797885&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 496B 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.22409038075993482&time=1622772070818&lid=43&sdkv=h.3.463.0&e=420706097%2C44725356&id=ima_html5&c=1561069720797885&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 496B 156 B
287 B 202ms
200ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=525617813365188&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3587609979&sdk_apis=2%2C8&sid=3FC756CA-5D2E-40FF-A0A8-8F2A31324F0F&eid=420706097%2C44725356&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772070920&cookie_enabled=1&scor=2622388458935380&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 496B 0
20 B 27ms
26ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1622772070919&timeout=f&logid=0.22409038075993482&timediff=101&lid=43&sdkv=h.3.463.0&e=420706097%2C44725356&id=ima_html5&c=1561069720797885&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 496B 0
20 B 28ms
27ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.463.0&e=420706097%2C44725356&id=ima_html5&c=1561069720797885&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 496B 0
20 B 28ms
27ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?catu=f&cookiesen=t&doesgdpr=f&gdprapp&gdprcmpapp&gdprload=t&idlsena=f&rt=xfp&storallow=t&tcstr&hpadid=f&hpaid=f&hpatt=f&hpcke=f&hpckvalue=f&hpgapp1=f&hpidtype=f&hpilat=f&hprdid=f&lid=137&sdkv=h.3.463.0&e=420706097%2C44725356&id=ima_html5&c=1561069720797885&domain=vnexpress.net

Requested by

Host: vnexpress.net
URL: https://vnexpress.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0ED6 156 B
287 B 168ms
168ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3113147304941506&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2183157649&sdk_apis=2%2C8&sid=3B46850C-E4B2-41A1-AF82-73E59DEE6DA4&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772070935&cookie_enabled=1&scor=1895625580949140&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3333 31 KB
9 KB 32ms
31ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9861
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9301
Expires: Fri, 04 Jun 2021 04:45:31 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B8A8 0
750 B 34ms
34ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:11 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid: 14f8152e-e5e8-461b-9e85-736ab74517ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD01 0
750 B 34ms
34ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:11 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid: 4be2719a-4808-47ac-a268-3513a12d392d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 49ms
49ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772071131

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:11 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.42:80
AN-X-Request-Uuid: 312cc9f7-54bf-4d94-bfe9-e00e2c37e4ea
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772071131

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:11 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid: 183cd1ef-d25a-4a1a-97a1-8b4222c785dc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772071132&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
40ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:11 GMT
X-SpotX-Timing-Transform: 0.000288
X-SpotX-Timing-SpotMarket: 0.004378
X-SpotX-Timing-Page-Mux: 0.000890
X-SpotX-Timing-Page-Require: 0.000335
X-fe: 045
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.008099
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000280
Last-Modified: Fri, 04 Jun 2021 02:01:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004378
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.001910
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 95ms
94ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c17e41f084aee62866ca316b2d30e9f0c25d375fb5068eb08e7ca89bf1d82c87

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 98ms
98ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWRjMTkzMzFhLWJlOTgtNDBkZC1hZTkxLTI2NzEzYzA3OTU3Yw%3D%3D&pt=net&stid=c21d9374-0e59-49e0-b278-d23c9fdd26aa&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:11 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 47ms
47ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:11 GMT
X-SpotX-Timing-Transform: 0.000264
X-SpotX-Timing-SpotMarket: 0.004958
X-SpotX-Timing-Page-Mux: 0.001105
X-SpotX-Timing-Page-Require: 0.000388
X-fe: 101
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.013340
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000327
Last-Modified: Fri, 04 Jun 2021 02:01:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004958
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.006284
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 61ms
61ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 59ms
59ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 98ms
98ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5e5af65b190d021ff972dc334e98ee005eb765895f9a27f564f0fad78a239e91

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772071239&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B3BF 338 KB
116 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:11 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5E40 338 KB
116 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:11 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F3A8 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101091
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5E40 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:11 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5E40 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DDD4 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101091
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B3BF 44 KB
16 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:11 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B3BF 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 208C 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 391
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4CD2 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 391
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F3A8 156 B
144 B 196ms
195ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=619279720628348&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2317486991&sdk_apis=2%2C8&sid=E6FF44BA-4BE4-49E5-B4B9-802A7B939434&eid=44731467&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772071495&cookie_enabled=1&scor=1232602911081853&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DDD4 156 B
144 B 188ms
188ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3251352377435620&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4275458296&sdk_apis=2%2C8&sid=DDB8923F-221F-4FCD-8409-653E6EAA3079&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772071502&cookie_enabled=1&scor=3264661968011104&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 44ms
43ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772071704

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:11 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid: cb3537d1-9479-4ee9-9748-02e4561cad68
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 40ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772071704

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:11 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: b9e147d9-f5a1-4eb1-b4b8-8ca73cd59192
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772071705&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 59ms
59ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 69ms
69ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 98ms
98ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWNmZjc2YzJkLTZkNTQtNDRjMy1hZWUwLTk0OTZmYjM1Zjk3Ng%3D%3D&pt=net&stid=1b02742e-1fa5-45b0-b84d-ad849131de7f&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:11 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:11 GMT
X-SpotX-Timing-Transform: 0.000251
X-SpotX-Timing-SpotMarket: 0.003748
X-SpotX-Timing-Page-Mux: 0.000727
X-SpotX-Timing-Page-Require: 0.000320
X-fe: 103
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.007457
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000386
Last-Modified: Fri, 04 Jun 2021 02:01:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003748
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002009
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 84ms
84ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77d5da62110972a0a576647ab75feabb17ab062dba8e047691fef1e3c80ebc3a

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 43ms
43ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:11 GMT
X-SpotX-Timing-Transform: 0.000300
X-SpotX-Timing-SpotMarket: 0.004279
X-SpotX-Timing-Page-Mux: 0.000914
X-SpotX-Timing-Page-Require: 0.000362
X-fe: 063
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.010821
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000296
Last-Modified: Fri, 04 Jun 2021 02:01:11 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004279
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.004654
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 87ms
86ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a6e0cd2058335597e3f68ecb975494b712b66b6b224bc1e180012dcf77b82837

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 173ms
173ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772071813&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 163ms
162ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 11A2 338 KB
116 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:11 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6862 338 KB
116 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:11 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C465 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101091
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6862 44 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:11 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6862 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AE18 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101091
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 11A2 44 KB
16 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:11 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 11A2 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9715 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 391
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F8BE 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 391
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B8A8 0
751 B 35ms
34ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:12 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid: 1c6a831d-f9ab-42f7-a35e-4ef8e45a8519
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD01 0
751 B 34ms
34ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:12 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid: bd5f28cb-9baf-4e33-b161-79d3bd96e262
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C465 156 B
142 B 195ms
195ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1611784429402684&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4045352411&sdk_apis=2%2C8&sid=4085FB2F-2798-4278-8123-D85842C3445F&eid=44731465&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772072100&cookie_enabled=1&scor=3277284924538883&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AE18 156 B
142 B 288ms
288ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=228518601638205&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1981209409&sdk_apis=2%2C8&sid=162DBAF4-CC9B-45E4-A7F5-B0C8F132B4A8&eid=44725356%2C44730896&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772072107&cookie_enabled=1&scor=2178226909828121&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK syncuser Show response
adp.vnecdn.net/ 110 B
886 B 675ms
225ms XHR
application/json 111.65.249.227
FPTONLINE-AS-VN F...

General

Check archive.org

Show headers Download Go to

Full URL: https://adp.vnecdn.net/syncuser?fosp_aid=d4m74kwhd97ui1st.1622772057.des&orig_aid=d4m74kwhd97ui1st.1622772057.des&myvne_user_id=0
Requested by: Host: s1cdn.vnecdn.net
URL: https://s1cdn.vnecdn.net/vnexpress/restruct/j/v1270/eclick/ea3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.65.249.227 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 179eb59a05741f19c91f25c503fbb3d6927c82424a63afce8e04d49422f14690

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 02:01:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Jun 2021 09:01:12 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vnexpress.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
41ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772072402

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:12 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid: e11f9800-cbb0-42f0-820d-48ce30ce5de0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 40ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772072402

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:12 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid: bafe8a5c-4f16-4780-bfe8-5d19c5d3b9c7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772072403&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 98ms
98ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTJjZTdiNzVmLTA0MmItNDE2YS05OTBmLWIzMGU0ZjZjMjEzNg%3D%3D&pt=net&stid=97f94467-23e4-4769-b1b4-440628c7f99c&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
385 B 101ms
101ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: babc395940a3a3b20b79433bf5d321cc7a97b12753689f5f5f2222d529d27c29

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 116ms
58ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 93ms
92ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8078b0dc202af773af4a2a21f1f55892a4ce68d4286427a17640c9350ed382b2

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 175ms
60ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 40ms
40ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:12 GMT
X-SpotX-Timing-Transform: 0.000512
X-SpotX-Timing-SpotMarket: 0.003866
X-SpotX-Timing-Page-Mux: 0.000831
X-SpotX-Timing-Page-Require: 0.000398
X-fe: 086
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.008289
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000427
Last-Modified: Fri, 04 Jun 2021 02:01:12 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003866
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002239
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 42ms
42ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:12 GMT
X-SpotX-Timing-Transform: 0.000284
X-SpotX-Timing-SpotMarket: 0.004064
X-SpotX-Timing-Page-Mux: 0.000987
X-SpotX-Timing-Page-Require: 0.000300
X-fe: 128
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008351
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000264
Last-Modified: Fri, 04 Jun 2021 02:01:12 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004064
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002437
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772072585&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5518 338 KB
116 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:12 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 406E 338 KB
116 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:12 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 18FC 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101092
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5518 44 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5518 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 09C3 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101092
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 406E 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:12 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 406E 107 B
122 B 31ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9DAA 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 392
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B541 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 392
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 18FC 156 B
142 B 201ms
201ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1884691758524610&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=301788202&sdk_apis=2%2C8&sid=9B79F25F-CDDA-41C7-BE2B-5E125BFBF5F2&eid=44741356&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772072979&cookie_enabled=1&scor=1826734692826085&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 09C3 156 B
142 B 253ms
253ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3358397865587002&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=309823704&sdk_apis=2%2C8&sid=23AB5478-9FEE-4532-8D18-0EB0E73CB83A&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772073006&cookie_enabled=1&scor=2456754106585450&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
41ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772073266

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:13 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: f2b6df72-c64b-44a0-b879-81dc6e892496
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 44ms
44ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772073267

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:13 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid: f9d9a722-40e7-41e9-8e00-614053e62155
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772073267&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 99ms
99ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTdlMTNiOWE0LTg4OTMtNGJlMi05ZTk2LWVjNzlmMDJmNmI4Mg%3D%3D&pt=net&stid=0221f232-e230-477c-92bb-1a1533e1692d&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:13 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 116ms
58ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 42ms
42ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:13 GMT
X-SpotX-Timing-Transform: 0.000254
X-SpotX-Timing-SpotMarket: 0.004170
X-SpotX-Timing-Page-Mux: 0.000873
X-SpotX-Timing-Page-Require: 0.000341
X-fe: 033
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.008374
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000493
Last-Modified: Fri, 04 Jun 2021 02:01:13 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004170
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002225
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 124ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
387 B 81ms
81ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 24b808dbf18b0f2ee58b004496a81cb71047c99c48277398c0f3df3eb84bbb5c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 85ms
84ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9a9fa3c49e9cc8f927d41f5a49bddcb38106d3a8f1d41d87954c2279bfd380c8

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:13 GMT
X-SpotX-Timing-Transform: 0.000320
X-SpotX-Timing-SpotMarket: 0.004152
X-SpotX-Timing-Page-Mux: 0.000980
X-SpotX-Timing-Page-Require: 0.000269
X-fe: 056
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008819
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000252
Last-Modified: Fri, 04 Jun 2021 02:01:13 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004152
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002831
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772073398&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C1F0 338 KB
116 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:13 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3C92 338 KB
116 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:13 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D992 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101093
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3C92 44 KB
16 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:13 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3C92 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8BEE 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101093
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C1F0 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:13 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C1F0 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E7B2 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 393
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 89E6 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 393
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D992 156 B
142 B 197ms
197ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3890640983880219&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2466647103&sdk_apis=2%2C8&sid=11E16B41-8EFC-4004-9935-9D2751BF0EED&eid=44726392&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772073685&cookie_enabled=1&scor=1202515831742988&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8BEE 156 B
142 B 178ms
177ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=591961964812511&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3308733228&sdk_apis=2%2C8&sid=0E9D321F-849E-4048-8BDC-CA1F12EA5081&eid=44736285&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772073691&cookie_enabled=1&scor=946532833042441&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 123ms
123ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772073889

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:13 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid: 131e7592-1fe4-4a17-9022-6fc862e2aa48
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772073889

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:13 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.179:80
AN-X-Request-Uuid: 9fc67045-9d32-4129-ae9b-f321e0b71dea
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772073889&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
387 B 87ms
87ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ad0f4ec2a9418f1f83f58b69c8340d4d0f5f887b5f4c84a526db3c0eb2f67f3e

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 68ms
68ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 40ms
40ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:13 GMT
X-SpotX-Timing-Transform: 0.000270
X-SpotX-Timing-SpotMarket: 0.004184
X-SpotX-Timing-Page-Mux: 0.000861
X-SpotX-Timing-Page-Require: 0.000306
X-fe: 030
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.007846
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000267
Last-Modified: Fri, 04 Jun 2021 02:01:13 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004184
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.001940
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 101ms
101ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTkzZjI3ZDJmLWZmNTYtNGI0NS1hNTE2LWZiZjA2MGU0YTQzOQ%3D%3D&pt=net&stid=cd681c44-9c80-43ec-a6e2-53e0d3dca8be&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:13 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 78ms
78ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3648f9986a816d3066974a0f36793d4c50f0ae150a9daf640ae9a154603d6553

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:13 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 57ms
57ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 44ms
43ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:13 GMT
X-SpotX-Timing-Transform: 0.000263
X-SpotX-Timing-SpotMarket: 0.004451
X-SpotX-Timing-Page-Mux: 0.001015
X-SpotX-Timing-Page-Require: 0.000363
X-fe: 066
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000024
X-SpotX-Timing-Page: 0.009549
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000324
Last-Modified: Fri, 04 Jun 2021 02:01:13 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004451
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003095
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772073998&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F5DF 338 KB
116 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:14 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CAF3 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:14 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 029C 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101094
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame CAF3 44 KB
16 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:14 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame CAF3 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0F63 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101094
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F5DF 44 KB
16 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:14 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F5DF 107 B
122 B 27ms
26ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 42F6 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 394
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DFB2 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 394
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 029C 156 B
142 B 184ms
183ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=136728626652087&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2466647103&sdk_apis=2%2C8&sid=2C8A4B1B-0E8F-4AEC-B922-93CEA7E41327&eid=44741234&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772074254&cookie_enabled=1&scor=4333453604288012&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0F63 156 B
142 B 197ms
196ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=18925085194778&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3308733228&sdk_apis=2%2C8&sid=F2188424-7DB2-4017-9D03-2EB4BDD8CD73&eid=44741357&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772074258&cookie_enabled=1&scor=79361713932074&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 125ms
124ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 0
0

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ 27 B
1 KB 39ms
38ms XHR
application/xml 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=20544214&cbb=2772078098

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:18 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: 4ac9676a-5c33-4541-8df7-3ed54e9f75ed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622772078098&asid=603f38f09b9e2133d66bc06b%2C5f0e87a3db73b9083a397ae5%2C603f3845a58ab3069815987b%2C5fb766e909e8a7781132bf27%2C60506bdaaf1c271e961fe515%2C6050a53041a04e37862d1575%2C603f39fdf8b9bb72a801f4d4&ofpr=1%2C%2C1%2C3%2C%2C1.5%2C1&fpo=%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=request&cb=1622772078099&asid=5f4f9c3d23b3f315675708b0&ofpr=0.5&fpo=
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
837 B 34ms
34ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fafaba8af4114341c56d4cc72376c6d52d6d52df553f0ec3df7a700fca8bcb24

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:18 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid: 2ec5b69c-8b14-4fef-a94f-1c48990b645a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 89ms
89ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bc34a13df37d3bce41bce90a366e4a53c88dc431535b0a3b1d0b89cf8f6f2504

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:18 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST mvo
tag.1rx.io/rmp/211377/0/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 41ms
41ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

051cbf660b6f1d0485221626e6c4203e04fb38de66b318a82d98b8c694fecf31

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:18 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.48:80
AN-X-Request-Uuid: ca038aaa-0835-42f4-9d07-56d80ddd4c08
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 81ms
81ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 357fbb5d95403cffcc519104b9c32af74707a5874a282c9be8d7825a2666da92

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:18 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 95ms
94ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2b762dbf4315611b6453264432a200d0b26b909011313abfa1e230efb5491523

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:18 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 119ms
118ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772079466

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:19 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: c353f4a3-a5f0-4fb2-9895-124e8058d599
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 42ms
41ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772079466

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:19 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: 3a9f5c2f-0b9b-45a4-a4e7-553ee6f9c565
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772079466&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 95ms
95ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3065f4f1fcada7d837c7def14c85a446db68b981c0637601699b59f3a07e56f6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:19 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 127ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 130ms
64ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 92ms
92ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTA2MzU4ZTYxLTcyZGUtNDQzNC05ZTE1LWJkNTAwYzViNjczMw%3D%3D&pt=net&stid=6f8c5d39-77da-4f34-bd65-7b4722e1be00&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 90ms
89ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: af6fcda191c31f38127a98387cefcc89461024bd2cc47b55a25596ebe01f9830

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:19 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 43ms
43ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:19 GMT
X-SpotX-Timing-Transform: 0.000283
X-SpotX-Timing-SpotMarket: 0.004510
X-SpotX-Timing-Page-Mux: 0.000918
X-SpotX-Timing-Page-Require: 0.000402
X-fe: 015
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000029
X-SpotX-Timing-Page: 0.009046
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000307
Last-Modified: Fri, 04 Jun 2021 02:01:19 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004510
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002583
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 42ms
42ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:19 GMT
X-SpotX-Timing-Transform: 0.000318
X-SpotX-Timing-SpotMarket: 0.006046
X-SpotX-Timing-Page-Mux: 0.000955
X-SpotX-Timing-Page-Require: 0.000346
X-fe: 045
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.009906
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000303
Last-Modified: Fri, 04 Jun 2021 02:01:19 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006046
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.001921
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772079603&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E36B 338 KB
116 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:19 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 124A 338 KB
116 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:19 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 37DE 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101099
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E36B 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E36B 107 B
165 B 27ms
27ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C281 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101099
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 124A 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:19 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 124A 107 B
122 B 30ms
26ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FAC7 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 399
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BA15 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 399
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 37DE 156 B
287 B 223ms
222ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3459871029682344&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2183157649&sdk_apis=2%2C8&sid=CF0B4931-7096-49D1-BB36-EC9E0CD63E4F&eid=44736153&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772079929&cookie_enabled=1&scor=2923231526860533&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C281 156 B
287 B 234ms
234ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3756175504255414&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3587609979&sdk_apis=2%2C8&sid=96B0AE29-E641-4161-BD35-26C8D73CB40E&eid=21064201&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772079940&cookie_enabled=1&scor=1017467546580082&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772080183

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:20 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: d470003a-201e-42d0-85d0-1444707c401d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
41ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772080183

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:20 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 50348c87-5f3e-47b4-bd64-bf5c80fc29d9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772080184&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 43ms
42ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:20 GMT
X-SpotX-Timing-Transform: 0.000284
X-SpotX-Timing-SpotMarket: 0.003813
X-SpotX-Timing-Page-Mux: 0.000862
X-SpotX-Timing-Page-Require: 0.000319
X-fe: 143
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008397
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000277
Last-Modified: Fri, 04 Jun 2021 02:01:20 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003813
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002825
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 62ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 96ms
95ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 79f2211bafd377f5e172d7cd1cdacd76c5dfb79317914ba9dc3467259ada26c8

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 104ms
103ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPThmYTIxZGE4LThmNjAtNGMzNS04NWMwLTI5MTk0ODk2YmY2Yg%3D%3D&pt=net&stid=b671b345-7529-4095-9de6-442a036f6469&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:20 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
40ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:20 GMT
X-SpotX-Timing-Transform: 0.000249
X-SpotX-Timing-SpotMarket: 0.003770
X-SpotX-Timing-Page-Mux: 0.001936
X-SpotX-Timing-Page-Require: 0.000342
X-fe: 086
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008674
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000439
Last-Modified: Fri, 04 Jun 2021 02:01:20 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003770
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.001923
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 62ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 82ms
82ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4504d281a699574b9ea6c170c9c56f5b3e200037fe6b326c669da17560c38d04

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772080298&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 53A5 338 KB
116 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:20 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1427 338 KB
116 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:20 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CA8A 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101100
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1427 44 KB
16 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:20 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1427 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F938 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101100
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 53A5 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:20 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 53A5 107 B
122 B 34ms
31ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AA52 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 400
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B51E 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 400
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame CA8A 156 B
144 B 185ms
184ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1450477678628263&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2317486991&sdk_apis=2%2C8&sid=F8475592-672D-45F5-8049-61C0071ABDD0&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772080590&cookie_enabled=1&scor=3321494360052881&ged=ve4_td1_tt1_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F938 156 B
144 B 239ms
239ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2903087732401380&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4275458296&sdk_apis=2%2C8&sid=E6D4490A-FCA2-4E2D-A8E6-8F23884D132B&eid=44736153&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772080598&cookie_enabled=1&scor=4146373157760967&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 40ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772080847

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:20 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid: f8ef0cb9-fb25-4f0e-8915-f664a05fc4f2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 40ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772080848

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:20 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.36:80
AN-X-Request-Uuid: dfd3d513-5314-4342-8eab-d32f639602bb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772080848&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 63ms
63ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 104ms
104ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ed0fb43224d6ef5c14c630e025060cac2d688a489a97315357dec19412958ad4

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 63ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 105ms
104ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWIwZTk3MjI2LWE4NWMtNDJhMy1hM2NlLWIxODY2OTZlYzk0NA%3D%3D&pt=net&stid=bad3e5ec-f716-4b2a-aa89-60e27ceb3c0c&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:20 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 42ms
42ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:20 GMT
X-SpotX-Timing-Transform: 0.000251
X-SpotX-Timing-SpotMarket: 0.004064
X-SpotX-Timing-Page-Mux: 0.000787
X-SpotX-Timing-Page-Require: 0.000399
X-fe: 092
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000001
X-SpotX-Timing-Page: 0.008120
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000432
Last-Modified: Fri, 04 Jun 2021 02:01:20 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004064
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002174
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:20 GMT
X-SpotX-Timing-Transform: 0.000309
X-SpotX-Timing-SpotMarket: 0.004028
X-SpotX-Timing-Page-Mux: 0.001201
X-SpotX-Timing-Page-Require: 0.000380
X-fe: 085
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008777
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000296
Last-Modified: Fri, 04 Jun 2021 02:01:20 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004028
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002548
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 90ms
90ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 877ade4f381c197a1656de06170dd1c866dcebadae64e4e1c7cc9cfd62590dcb

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772080960&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 121ms
120ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C14A 338 KB
116 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:20 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FE21 338 KB
116 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:20 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D306 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101101
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FE21 44 KB
16 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:21 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FE21 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8579 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101101
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C14A 44 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:21 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C14A 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 456A 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8FE5 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D306 156 B
142 B 209ms
209ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2354793814690512&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=4045352411&sdk_apis=2%2C8&sid=8B62795C-33F2-4508-9036-143B395F9CD0&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772081218&cookie_enabled=1&scor=1153058145330132&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8579 156 B
142 B 225ms
225ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2438495454860332&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=1981209409&sdk_apis=2%2C8&sid=5225C9C8-B8B8-4B01-B8D6-09140345EE1C&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772081223&cookie_enabled=1&scor=702144751091409&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 50ms
49ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772081456

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:21 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid: 464bbb60-0d2e-4d5d-b669-8f7bf5ab9b1c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 40ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772081456

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:21 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: 3dc0df1f-3244-4b99-9e66-e725e925dca4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 118ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772081457&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 44ms
44ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:21 GMT
X-SpotX-Timing-Transform: 0.000274
X-SpotX-Timing-SpotMarket: 0.004530
X-SpotX-Timing-Page-Mux: 0.001084
X-SpotX-Timing-Page-Require: 0.000378
X-fe: 006
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
X-SpotX-Timing-Page: 0.010186
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000309
Last-Modified: Fri, 04 Jun 2021 02:01:21 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004530
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003572
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 40ms
40ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:21 GMT
X-SpotX-Timing-Transform: 0.000278
X-SpotX-Timing-SpotMarket: 0.004344
X-SpotX-Timing-Page-Mux: 0.000902
X-SpotX-Timing-Page-Require: 0.000321
X-fe: 072
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.008253
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000277
Last-Modified: Fri, 04 Jun 2021 02:01:21 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004344
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002114
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 62ms
62ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 101ms
101ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPWYwYWJiNTYxLTVkNDktNDhkZC05NjVlLTQ2YWFjMzJjZTVmZA%3D%3D&pt=net&stid=28b69d3d-f4bb-4ed5-a271-3695371cd079&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:21 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 123ms
122ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3331f6a915bc1bf565e60edea8ae77c9eeaefa4cfe4db27703bc0286491eb8a

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 64ms
64ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 108ms
108ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0a6207a54f6f5e3bf5145ff9442c48e3a8f76d5c8fb6132e349a8eefbabd2529

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=58300&t=1622772061&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772061149-967215516622-008534-012-006671&cha=0.7&cb=63915386686&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772081588&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EC1F 338 KB
116 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:21 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 05C3 338 KB
116 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:21 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AAFB 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101101
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 05C3 44 KB
16 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:21 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 05C3 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C207 575 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101101
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame EC1F 44 KB
16 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:21 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame EC1F 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A016 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0252 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AAFB 156 B
142 B 222ms
222ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1805186092935402&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=309823704&sdk_apis=2%2C8&sid=663074C7-88BC-42E6-A4BD-4116EDF89DC3&eid=44741357&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772081925&cookie_enabled=1&scor=418132983467479&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C207 156 B
142 B 191ms
190ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1013112669719738&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=301788202&sdk_apis=2%2C8&sid=18E73BAB-5366-47BA-8A21-95708BD0FF66&eid=420706105&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772081946&cookie_enabled=1&scor=3739889876026385&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 18 KB
3 KB 137ms
136ms XHR
application/json 35.171.145.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fvnexpress.net%2F&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&AV_CHANNELID=5d81ed7928a06164620898f0&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=vnexpress.net&AV_DADPOS=3&AV_PLACEMENT=5&v=6.1.1.243&avtoken=61057&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1622772082152
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-49.compute-1.amazonaws.com
Software: /
Resource Hash: 36b11ca16a70d6612d14bd5b971709312fa22a096f7b0cce875353084f84d526

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 23 May 2021 12:14:42 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
40ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772082291

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:22 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid: a6459f3c-1440-4fe7-8f71-927648ff0474
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 45ms
44ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772082292

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:22 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid: 029cbe9b-a6d9-4359-8a06-8241f9c20b20
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 131ms
130ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=75707&t=1622772082&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772082214-949772263722-028580-007-001147&cha=0.7&cb=32112132115&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772082293&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 81ms
79ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 074cb4b5ca16c176b21133aada4cb744e306f30d2f521bcfe73cbd1a87deea3b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 69ms
67ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 46ms
44ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:22 GMT
X-SpotX-Timing-Transform: 0.000368
X-SpotX-Timing-SpotMarket: 0.004454
X-SpotX-Timing-Page-Mux: 0.000880
X-SpotX-Timing-Page-Require: 0.000307
X-fe: 030
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000005
X-SpotX-Timing-Page: 0.009560
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000476
Last-Modified: Fri, 04 Jun 2021 02:01:22 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004454
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.003056
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 42ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:22 GMT
X-SpotX-Timing-Transform: 0.000241
X-SpotX-Timing-SpotMarket: 0.003739
X-SpotX-Timing-Page-Mux: 0.000947
X-SpotX-Timing-Page-Require: 0.000322
X-fe: 124
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
X-SpotX-Timing-Page: 0.008023
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000282
Last-Modified: Fri, 04 Jun 2021 02:01:22 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003739
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002457
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 86ms
85ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d196fe29b56799c03f2ac61ceea39b1d819e241826bf6007eb6a988cfae87e6c

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 108ms
107ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTZkODZmNzBmLTMwN2UtNGNmZi05NGQ3LTljZjEwYTkzN2QzZg%3D%3D&pt=net&stid=a187ebb5-b89e-49ff-9971-d4d89bfd655b&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 65ms
65ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 track
track1.aniview.com/ 0
70 B 124ms
123ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=75707&t=1622772082&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772082214-949772263722-028580-007-001147&cha=0.7&cb=32112132115&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772082416&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D491 338 KB
116 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:22 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B0F7 338 KB
116 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:22 GMT

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 89F8 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101102
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B0F7 44 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B0F7 107 B
165 B 30ms
27ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5E14 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101102
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D491 44 KB
16 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:22 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D491 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EE53 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 402
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3B69 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 402
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 89F8 156 B
287 B 200ms
200ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359947566530071&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2466647103&sdk_apis=2%2C8&sid=D5DA2999-152D-4691-8F6E-7A0DC9124C6B&eid=44730896&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772082717&cookie_enabled=1&scor=1250964470259568&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5E14 156 B
287 B 186ms
186ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1907784896613049&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3308733228&sdk_apis=2%2C8&sid=6FEFE696-173D-4BDA-B72A-6331C552F054&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772082731&cookie_enabled=1&scor=999715624870372&ged=ve4_td1_tt0_pd1_la1000_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 120ms
120ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=75707&t=1622772082&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772082214-949772263722-028580-007-001147&cha=0.7&cb=32112132115&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 41ms
41ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=20990096&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772082926

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:22 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid: ed1c5de7-a6ef-4d56-84d6-9f1fce8ad8d1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 42ms
41ms XHR
application/xml 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=17888101&referrer=https%3A%2F%2Fvnexpress.net%2F&us_privacy=1---&cbb=2772082926

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:22 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid: d839b0c4-bef5-41b9-9b9d-775295cc804d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=75707&t=1622772082&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772082214-949772263722-028580-007-001147&cha=0.7&cb=32112132115&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=request&cb=1622772082927&asid=60a6645ddf94a939a5712eb6%2C608eb992edae0405f53640d6%2C60992046312b2d48351007b4%2C607d5e70e3576c0da7460254%2C601c05f536274b0995743b75%2C5dda954f28a0615f596b401f%2C60b75f9c629df3021a4c0d08%2C605c81c875d0011dc80665cb%2C602a779413442c3f5013b60a%2C5dda8da528a06116f92530b3%2C5f15b06cadb22919b3263c04&ofpr=4.97%2C3.35%2C%2C%2C%2C%2C0.53%2C0.43%2C0.37%2C0.23%2C0.17&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 104ms
104ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bbdb14dc36cb810d804aeffe104de6a1652005dea1235602aa1517f22a9857aa

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 82ms
82ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
446 B 102ms
101ms XHR
application/json 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNTUyMjImcHJpY2VUeXBlPW5ldCZtaW5wPTAuNTMmY2RpbXM9NDAweDIyNSZ0cmFuc2FjdGlvbklkPTIwMWUwMTU4LWNlNDUtNDdjMC05NzI3LWJmMjgyZjIwOTVkNQ%3D%3D&pt=net&stid=dc62d956-fefd-430a-ae44-a96866312c1f&fd=1&url=https%3A%2F%2Fvnexpress.net%2F

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:23 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 43ms
42ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:22 GMT
X-SpotX-Timing-Transform: 0.000251
X-SpotX-Timing-SpotMarket: 0.003734
X-SpotX-Timing-Page-Mux: 0.000908
X-SpotX-Timing-Page-Require: 0.000315
X-fe: 093
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000002
X-SpotX-Timing-Page: 0.008407
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000395
Last-Modified: Fri, 04 Jun 2021 02:01:22 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003734
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.002792
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 272731 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
982 B 41ms
41ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/272731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Jun 2021 02:01:22 GMT
X-SpotX-Timing-Transform: 0.000281
X-SpotX-Timing-SpotMarket: 0.004553
X-SpotX-Timing-Page-Mux: 0.000994
X-SpotX-Timing-Page-Require: 0.000395
X-fe: 066
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page: 0.008520
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000342
Last-Modified: Fri, 04 Jun 2021 02:01:22 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004553
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://vnexpress.net
X-SpotX-Timing-Page-Misc: 0.001922
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000030
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 63ms
63ms XHR
application/json 52.29.183.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.183.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vnexpress.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
386 B 83ms
83ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0a108a3c73c125005ea667414f2442bf43719b372c30ca6ad2dd1df20030f2a6

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=75707&t=1622772082&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772082214-949772263722-028580-007-001147&cha=0.7&cb=32112132115&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5d81ec9228a0610a0033fe67&nid=59918a0e073ef4782e4e347f&pcid=5d81ed7928a06164620898f0&ncid=5d81ec9a28a061267a37a9bf&pasid=5d81ecbe28a0617fd145654a&e=bid&cb=1622772083036&asid=60992046312b2d48351007b4%2C607d5e70e3576c0da7460254&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BB75 338 KB
116 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:23 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5498 338 KB
116 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118295
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:23 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 121ms
121ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 53E9 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101103
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BB75 44 KB
16 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame BB75 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.463.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A6F0 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.463.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://vnexpress.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://vnexpress.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192673
date: Wed, 02 Jun 2021 21:56:20 GMT
expires: Thu, 02 Jun 2022 21:56:20 GMT
last-modified: Wed, 02 Jun 2021 21:48:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 101103
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5498 44 KB
16 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:01:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5498 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vnexpress.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5727 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E088 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 01:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 403
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 04 Jun 2021 02:54:40 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 53E9 156 B
144 B 209ms
208ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1513040001270403&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3308733228&sdk_apis=2%2C8&sid=07F95E8F-E857-4DCB-BE4A-348558093A62&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772083303&cookie_enabled=1&scor=3062310444723529&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A6F0 156 B
144 B 184ms
184ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fvnexpress.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1947387797767149&sdkv=h.3.463.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2466647103&sdk_apis=2%2C8&sid=9FD1AEFA-E093-48F1-9B9F-96FF1F9C2A2A&url=https%3A%2F%2Fvnexpress.net%2F&dt=1622772083322&cookie_enabled=1&scor=2651462577312569&ged=ve4_td0_tt0_pd0_la0_er975.1200.1128.1500_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.463.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET vast2
tag.targeting.unrulymedia.com/rmp/212158/0/ 0
0

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ 27 B
1 KB 42ms
41ms XHR
application/xml 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=20544214&cbb=2772086112

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e63d10e28a0614d2b01395e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:26 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.82:80
AN-X-Request-Uuid: 2e209049-ce7a-4557-a933-edc83b9b7db4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e63d10e28a0614d2b01395e&nid=5e4d2a2d2a62e7166c1db7a5&pcid=5ea26963e792ea55c7264da7&ncid=5e97fece3706f1266619c969&pasid=5ea2693a68117d1c3c154dc6&e=request&cb=1622772086113&asid=603f38f09b9e2133d66bc06b%2C5f0e87a3db73b9083a397ae5%2C603f3845a58ab3069815987b%2C5fb766e909e8a7781132bf27%2C60506bdaaf1c271e961fe515%2C6050a53041a04e37862d1575%2C603f39fdf8b9bb72a801f4d4&ofpr=1%2C%2C1%2C3%2C%2C1.5%2C1&fpo=%2C%2C%2C%2C%2C%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
118ms Image
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=72291&t=1622772060&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e63d10e28a0614d2b01395e&test=&aafaid=&proto=https&uid=1622772060819-969018789622-028301-005-006512&cha=0.7&cb=35270495957&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&copid=5e4d2a2d2a62e7166c1db7a5&nid=59c9148628a0612da3689288&cocid=5e97fece3706f1266619c969&ncid=5ea84900c94b8975a9508d38&coasid=5ea84ae409a41a723a209314&e=request&cb=1622772086113&asid=60802fa7bda96b4f7761daec%2C60938ff57621683c2c6776a3&ofpr=%2C&fpo=%2C
Requested by: Host: vnexpress.net
URL: https://vnexpress.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 02:01:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST mvo
tag.1rx.io/rmp/211377/0/ 0
0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
389 B 87ms
87ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5ea91eaaeb37e82372c50c06b673eaa05f50109c447c9a29bd77ad4719ae5c2b

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:26 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 41ms
40ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fc6219dbf8e4948fe34cbbd129c028d4efc48ff9c19d2ea632bb0b6a38677515

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 04 Jun 2021 02:01:26 GMT
X-Proxy-Origin: 196.240.57.164; 196.240.57.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.42:80
AN-X-Request-Uuid: 94414674-71f5-46b3-8337-49ee7e74d4b9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vnexpress.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 187 B
388 B 90ms
90ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 421a729d5f96ea8cd7a96adf45f2ad53e1854aaf2477b607a72ede9df666e823

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:26 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
387 B 91ms
91ms XHR
application/json 18.185.190.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.190.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 63a8c4b62173e200fe296e271f09e16ee5905046bc384f2dbe61e5f81d951cd5

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Jun 2021 02:01:26 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://vnexpress.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
expires: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 119ms
118ms XHR
text/plain 52.70.33.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=vnexpress.net&rs=vnexpress.net&sid=75707&t=1622772082&cip=196.240.57.164&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5d81ec9228a0610a0033fe67&test=&aafaid=&proto=https&uid=1622772082214-949772263722-028580-007-001147&cha=0.7&cb=32112132115&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d81ec9228a0610a0033fe67
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-33-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vnexpress.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 04 Jun 2021 02:01:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.eclick.vn
URL: https://s.eclick.vn/delivery/eclick.js

Domain: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/dfpbrand.js

Domain: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/prebid.js

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Domain: s.eclick.vn
URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js

Domain: s1.vnecdn.net
URL: https://s1.vnecdn.net/vnexpress/restruct/j/v1732/v3/production/blocks/site/1000000.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3FNJF

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: logperf.vnexpress.net
URL: https://logperf.vnexpress.net/perf?lt=0&dclt=0&sr=0&url=vne_reload&iscache=0&device_env=4&domain=vnexpress.net&timeserver=1622772000000&timecookie=&timeclient=1622790056000

Domain: ureka-d.openx.net
URL: https://ureka-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fvnexpress.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5f57138a-68f4-4ada-ae6d-a72da171e2df%2C23b3d77b-fa59-4749-aad8-e2b39c9210b2%2C164a3687-c663-4ae5-a5e1-0cafd83b800d%2C1060d482-80b5-4ad7-aa25-d1fb2d5872b4%2C07a84e25-c4d0-4d96-9ad7-a04fe16e30a0%2Cfdb0e115-fb3f-4e71-9311-0f09cd6108dd%2C74574986-7d9b-4594-877b-f5b7952081a4%2C4d9cc1a2-bd3c-4e82-9d77-91942d01e9aa&nocache=1622772058477&aus=1920x270%2C970x250%7C300x250%2C300x600%7C300x250%7C300x250%2C300x600%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250&divIds=%252F27973503%252FOV.Vnexpress%252FDesktop%252FMasthead%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge1%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge2%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FLarge3%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage1%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage2%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage3%252FHome%2C%252F27973503%252FOV.Vnexpress%252FDesktop%252FBreakpage4%252FHome&auid=541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412%2C541183412

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1622772060819-969018789622-028301-005-006512%26biddername%3D200%26key%3D%5BRX_UUID%5D

Domain: tag.targeting.unrulymedia.com
URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622772060&cbb=2772061218

Domain: tag.1rx.io
URL: https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/eplanning

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=

Domain: tag.targeting.unrulymedia.com
URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622772060&cbb=2772070087

Domain: tag.1rx.io
URL: https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1

Domain: tag.targeting.unrulymedia.com
URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622772060&cbb=2772078097

Domain: tag.1rx.io
URL: https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1

Domain: tag.targeting.unrulymedia.com
URL: https://tag.targeting.unrulymedia.com/rmp/212158/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fvnexpress.net%2F&w=400&h=225&time=1622772060&cbb=2772086111

Domain: tag.1rx.io
URL: https://tag.1rx.io/rmp/211377/0/mvo?z=1r&hbv=4.25,2.1

Verdicts & Comments Add Verdict or Comment

378 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://storage.googleapis.com/adasia-ad-network-origin/atm/library/avmLibrary.js(Line 29) Message: -- ATM info -- Performance check: 798.39208984375 ms
console-api	log	URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19) Message: /27973503/OV.Vnexpress/Desktop/Richmedia/Home is Empty: false
console-api	log	URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19) Message: /27973503/OV.Vnexpress/Desktop/Masthead/Home is Empty: false
console-api	log	URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19) Message: /27973503/OV.Vnexpress/Desktop/Large1/Home is Empty: false
console-api	log	URL: https://s.eclick.vn/delivery/dfp/ov_pc_vne_home_home.js(Line 19) Message: /27973503/OV.Vnexpress/Desktop/Large2/Home is Empty: false
console-api	info	URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105242203000 https://vnexpress.net/
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 04:01:10.078 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 04:01:10.079 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6a5f99c19352bb293dfbeba2e59e3d28.safeframe.googlesyndication.com
8655318f2fd3e667e7734813d1df2227.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
acds.prod.vidible.tv
ad.360yield.com
ad.turn.com
ad4m.at
adp.vnecdn.net
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.adpone.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
analytics.google.com
api.ipify.org
aud.pubmatic.com
bcp.crwdcntrl.net
bd.urekamedia.com
be9aa53dc887d61241faa8d2b9b10cec.safeframe.googlesyndication.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
c1.adform.net
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.connectad.io
cdn.fuseplatform.net
cdn.hbplatform.com
ced.sascdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.rtbsrv.com
dmp.theadex.com
dmp.urekamedia.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-ads.adpone.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.eclick.vn
go1.aniview.com
green.erne.co
gw.vnexpress.net
hbopenbid.pubmatic.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js.cookieless-data.com
la.vnecdn.net
la2.vnecdn.net
loadeu.exelator.com
loadm.exelator.com
logperf.vnexpress.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mc.yandex.com
mc.yandex.ru
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
octopus-stream01-cads.fpt.vn
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.moatads.com
rtb-csync.smartadserver.com
rtb.adpone.com
rtb.adxpremium.services
rtb.gamoshi.io
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.e-planning.net
s.eclick.vn
s.tribalfusion.com
s0.2mdn.net
s1.vnecdn.net
s1cdn.vnecdn.net
scdn.eclick.vn
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
solution.urekamedia.com
spl.zeotap.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.eclick.vn
stats.g.doubleclick.net
storage.googleapis.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tag.navdmp.com
tag.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
trk.vidible.tv
u-ams02.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
ureka-d.openx.net
us-u.openx.net
user-sync.adxpremium.services
usermatch.krxd.net
usi-saas.vnexpress.net
vcdn1-giadinh.vnecdn.net
vcdn1-giaitri.vnecdn.net
vcdn1-kinhdoanh.vnecdn.net
vcdn1-suckhoe.vnecdn.net
vcdn1-thethao.vnecdn.net
vcdn1-vnexpress.vnecdn.net
visitor.fiftyt.com
vnexpress.net
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
logperf.vnexpress.net
s.eclick.vn
s1.vnecdn.net
securepubads.g.doubleclick.net
sync.1rx.io
tag.1rx.io
tag.targeting.unrulymedia.com
ureka-d.openx.net
www.google-analytics.com
www.googletagmanager.com
1.55.119.34
103.132.192.30
104.111.230.142
111.65.248.197
111.65.249.130
111.65.249.131
111.65.249.227
111.65.250.2
111.65.251.2
125.212.217.46
13.248.242.197
13.58.174.102
142.250.181.226
142.250.185.162
150.136.156.92
151.1.205.165
151.101.14.49
159.253.128.188
159.65.197.210
162.55.6.212
168.119.146.39
178.162.133.149
178.250.0.163
178.250.0.165
18.132.239.61
18.156.99.44
18.185.190.161
18.185.190.87
18.198.69.109
180.148.129.21
180.148.132.197
180.148.132.75
180.148.141.233
185.29.133.58
185.33.221.14
185.33.221.90
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.87
185.86.139.113
185.94.180.124
185.94.180.125
188.42.191.196
198.148.27.139
199.232.137.44
2.16.186.105
2.18.232.130
2.18.233.180
2.18.233.201
2.18.234.21
2.18.235.40
2.19.35.65
2001:678:cb4:bbbb::11
212.82.100.182
213.155.156.168
23.45.99.241
2600:1901:0:14e5::
2600:1901:0:98f7::
2606:4700:10::6816:36ce
2606:4700:10::ac43:db6
2606:4700:20::681a:ad1
2606:4700:20::681a:b19
2606:4700:20::ac43:47f1
2606:4700:3030::ac43:a1fd
2606:4700:3033::ac43:dcda
2606:4700::6810:cf3
2606:4700::6812:c05
2606:4700:e6::ac40:c219
2607:ae80:5::49
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1288:80:800::7001
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2010
2a00:1450:4001:809::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9c
2a00:1450:400c:c0a::9d
2a02:2638::3
2a02:26f0:6c00:2ab::2c79
2a02:6b8::1:119
2a02:fa8:8806:20::2040
2a05:d018:24:b002:28a5:2c7e:9fea:57ab
2a0b:4d07:101::1
2a0b:4d07:102::1
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.126.56.137
3.210.3.115
34.193.191.157
34.196.50.33
34.249.223.226
34.251.173.19
34.252.41.130
34.98.107.212
34.98.64.218
34.98.67.61
35.170.116.13
35.171.145.49
35.186.253.211
35.201.81.244
35.201.96.126
35.227.248.159
35.241.40.233
37.157.2.236
37.157.6.253
38.27.122.158
38.91.45.7
46.249.52.249
5.178.65.246
5.178.65.253
51.158.28.83
51.222.80.231
51.75.146.159
51.89.9.251
52.222.158.126
52.28.254.214
52.29.183.32
52.29.32.79
52.44.53.247
52.48.131.173
52.49.183.138
52.57.110.162
52.58.102.227
52.70.33.53
52.95.123.41
54.170.210.188
54.194.226.253
54.204.142.198
54.235.175.90
54.239.17.112
62.149.0.72
66.155.71.150
66.155.71.25
67.202.110.23
69.173.144.139
69.173.144.165
72.251.241.204
77.243.60.138
85.114.159.93
88.214.206.142
89.163.159.109
94.23.73.243
02e89ae04433ec2555f27e543f23ba9361c23a8ad89d357ba5f8b40c83c6a231
04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89
051cbf660b6f1d0485221626e6c4203e04fb38de66b318a82d98b8c694fecf31
05cc1aa08b9e7e07d3a98acd57698be692fc80cf208fae141b4f337675e12c8b
060e8ad9dd20a0f83f8de271f91b3086a052a82a4cfd95110c1a77d6b3e52cfe
074cb4b5ca16c176b21133aada4cb744e306f30d2f521bcfe73cbd1a87deea3b
0789f4caa22fe3c39c102d0cba22b16523310c77f14f2e9de365f4f61f588274
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0933d1110d994d65b6d6190f9f9db8752fd254008e0bfa453aea02f035811af4
0a108a3c73c125005ea667414f2442bf43719b372c30ca6ad2dd1df20030f2a6
0a162d588c639f6f399c5d776c59dbe5fe170ad8fcc8ab15a92fbf02f4c5634b
0a6207a54f6f5e3bf5145ff9442c48e3a8f76d5c8fb6132e349a8eefbabd2529
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c84cf92322d1cced22a12ae95bb96fb0758c950f9fde7476934ec5915787005
119ec1d9a42611e9ff521ffd50a5a8b85df6006c9c19ce856ebcef1ea373f506
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98
12f5465e08ecbb8770021ca9c0a37f9ee634fde502504259ec9dba4e813be768
12f6f96d79bcdc3c4926f3acab7fc6ac0baa6d30c58310c08d8556a055bb2615
13791f74085348e02137240ad8a3fa0f5b85c92c2b04867b064f2e8bda4733a0
1406d6721214263c0df42d8a2be9ec16531dacc36403dc3054997ea856dabab7
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1601c1cfc82d718d46138f6a4205cae60449697b94e6abf7586735ec2e05c3d0
16b203e6be5e0bb9ddc011e2f93bdf899f96ac24fa4bb0d20d3891e226bd691f
179eb59a05741f19c91f25c503fbb3d6927c82424a63afce8e04d49422f14690
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1a9c89cce1f5995855be9200eb022128b2ba8790712317c5a801fd5c5971da24
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e
1f66620f7dae42af4a6a3d1217e1e15a05090cac7bba5828b69e6d3321e5f924
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2158f6295fd6de1f85e8230b955e5707d717af210d28722ba3f194e9a07f5b12
225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2
229f44de90bd40b9a749b0843eccf5d3a941ae77f80edfd28ca06ce24faef165
22b0c06ca3204a0bf76269d925cfce0a352fbe431f437045cbb42f53fdd76aab
2380f180199a4e2e4f231e34f97ac82949a84042e792ef5532be2956b99f563d
23c1f17c29f9c7ae5dc0ff54fb68e92d3e71ea82923a325399ad462f377f2a82
245673ed9818c97a01129bfbdab0ffe664ce21a3fa127a7646d0e59c40c609a8
24b808dbf18b0f2ee58b004496a81cb71047c99c48277398c0f3df3eb84bbb5c
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
28c34d137ec2cc383f7177e97e1d0d1855ec48e45536b9ae395b6ac1f26ee3f5
2a4a7cc5675ee83148b3825a6ad567c398e9728bd1f41bae7446ce786ed61d01
2a7ca6113d143571cedcd8beae3d86613d34f6b545d9b85627a968f0bb756bbd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa8d95323b55e841fd9dcb2b8989f31389601780cece276acb938d8fe7ff92e
2b762dbf4315611b6453264432a200d0b26b909011313abfa1e230efb5491523
2bcfd666de44d15622d077fdb8bafb5bc9d44bf361734774517a0b645845b7d2
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7ae6289dfbf2885e9c9c1cbb52561c6fbb7952367ebb5d0b09da49abdd650f
2e9abe448f1a4ff0e018253e47fb78ad2a3304c2bfb4011d55d2ecdb40a1eba2
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30171987564e142125ac9af58ed43a651a77d07fc90d47f462105811b4863792
3065f4f1fcada7d837c7def14c85a446db68b981c0637601699b59f3a07e56f6
323674f1d4499c3b6949000ea9bb84f23d82a7ee8023315da105fa966c2b38f4
357fbb5d95403cffcc519104b9c32af74707a5874a282c9be8d7825a2666da92
3632cc8c8b9e1ee351b99cda2c28fd1b81ae8c81985d77ed95edc31bef8963cf
3648f9986a816d3066974a0f36793d4c50f0ae150a9daf640ae9a154603d6553
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36b11ca16a70d6612d14bd5b971709312fa22a096f7b0cce875353084f84d526
38bee29d3b11bfdcfbd9e82a3c07af13d601671065c1206788f0bf8b76f63ec0
390d8a86421da62be624e58d3f3267953fd7652c89cbbdbb37b437c286b25e20
3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6
3bccc3b4ae50c42fb624ad6deee20bf32edff96d7d67c4ae539027a9c343a089
3bd2e20de74b3a8d7e3102b88803d9c7d12929bd9a75ebe7536b7116b721f778
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5e7fd2bfca920e7b07f4d5e62d28dc83d793c49bfff13bc0bbf17ce2873018
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421a729d5f96ea8cd7a96adf45f2ad53e1854aaf2477b607a72ede9df666e823
434762a76dfd6af3bdeeb1f2de8dad923633467deb93e7c15ac71cd87e5b99df
43a6e9ce8a31de206a899ea59db703a5234809e45529daee5460388a71910fcf
448bbb82769ac61ff51ab6584fce6baf1cd44e60927c21a35106b2fb8c48475b
4504d281a699574b9ea6c170c9c56f5b3e200037fe6b326c669da17560c38d04
45b83f6b6a8fc5a941655b074f10b26bc4dfca4035c372326e1dba7307c82c43
464afcd8128470af2c00e32101a2df60a792586747321dd5afa9a21816a385ba
472c14b69dab114052924354027353019f4c1e5372c1c28be768be17b227192e
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
475fd1a78944ac73e9ece5602bb458b085ccc5455fe0d5113a055dfd848085cc
47f377c3555535581c28d43c044f2b5395b53273142b865b7f1e1fc0dc4e17c9
489a4bc87a34468a78ae982263ae283b8c38ba1c69701936652e89332cab50f0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
4b9567f947e6f537c8c6858b78d5f31598d63aeb8e9013709494ce3a22fca803
4c97bb1b8d9a289797ea829fb051f61eec75c51791a470920ef8cc40f0c6246b
4cd5b2f45611b3d5d531af9937c7bec0a64c9f1f4f84e54638807e1376a984e8
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4ff9ae43607c6d9dea5f78955fdb7371eb44017ea614f06c3e79ae2dd0727d94
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
50f279761c523938ab4343556f143bb1ac4bd3874aa2c4e95b6d3b4ae5f5fab6
514d9a42497314d8f7ce718a13459f57d3a65869023fc978201d53b0ccd1ea2e
52c93e3062d05ac961d93f0dcb33e826673778109ee29bb1c3ec82e3ccddcde3
5303ddad0cd0c909de5b2781a7a62d221ddb3db9aaac191eaefa3aa2c05010e2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5429c9d50e6222c5a8082411c59146871a585b8eadc84a9d7843ec0953274ef3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f23a327ccea764cf2374d3caf851abd5be1b79b4b82c86591d7b45f5fdbe50
55b51af344219b7d1b0813b886d1eb2cbcd1caae2abb1d735050fe2e35ae7313
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57072bc9b9f3f9c3a450e9701b0b93b0673050f0b5f39d74d6021dd54504a29b
57b34107b8f7999e55b91489c92d84cb8b966dc48efaf173ea6e3333b39ef1c9
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a7360ce5db7ebcecb6a673d3a64c46fd55d474486ce305119c9a126bfb26ed7
5beed63a77f6566c47da15e7dcc102fb079050189d85303fecccfeddc7bc6ec1
5c35528d112989ddac3e41810014e5329aa55a517f17b7e546080db6465a75e2
5e5af65b190d021ff972dc334e98ee005eb765895f9a27f564f0fad78a239e91
5ea91eaaeb37e82372c50c06b673eaa05f50109c447c9a29bd77ad4719ae5c2b
63a8c4b62173e200fe296e271f09e16ee5905046bc384f2dbe61e5f81d951cd5
6419c8923bcd1a5e445edcbc8b321f47851f1df786aae1b8a337d75d47c79702
652bb335df1e33ff4fd0b6074178418269034187f2a32af8b0420d1e116e53cd
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68d2cc4486c92a0541f96c95d990873464c25dfc943cc9eb573b60b32044f673
693fbd0ab5fc53069137459b79a060d087dc2a1ce0c5e13277297799a38ce621
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba54b0d518a916eb45f571557bc19a2ec243a2f33fa44ea9976b9ee2304266b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6df3484a221ebccda6a7ad021b3cfe9f61f35c1309ac6fe9d50ba454a2d71b5d
6e9ba83b2bd5084c4abd482e0f02a87263a5eda40fd28039a9fa5184ca9cf06e
6f95aa4d0f7e2770465337f912f435d712d620a0b4458d2c0afb3f1644ca72ba
713aa0cabaa57ebe333b3069a6975bd48987b8f3d1fe7da9f5fd52b5b626b017
7308a2c8fc393c0af6acae7a1069ddb3e8a80439658d2eb130da76aaae010291
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73e238598643008c98bdb27247a2901458663b72c751a8c79487eddf812c9247
747163455190e84b87c56b3d381fa90c287880248c78ca43c8fb6596c30ee341
7569a8524b46bc6108ff1dd540acd43120db3e6623d1ee15e182748b2057d876
757319d72d19e7b6cb63668eae4b99a71034b21823786c4efce125f8de370b5d
765afd4fecb7007452c0ca77ea09b9c06da6b5ca5717025d7fd3ade66affb18d
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77d5da62110972a0a576647ab75feabb17ab062dba8e047691fef1e3c80ebc3a
790f85ca7548f0fe9199730f8d8c9c1b4ffa239d4e9440937ffd69ac2f5788bc
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
79f2211bafd377f5e172d7cd1cdacd76c5dfb79317914ba9dc3467259ada26c8
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7afd6543fabc6f6921b857d6fa6c4c4a864a20d91ba1dbb964034c228a89a419
7ca63979e3ac62dfe4aad1448c693793fc58a88b2cde0887985a4c6a59cbe9ec
7ca9f4cee2e6b7806786a2757541b2ede76d9ba0088ffe96530fc108adff1a3f
7df8e16e05f158deda0c99f04a990865d04ad82ac582fb851754f4f30d8783a5
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8078b0dc202af773af4a2a21f1f55892a4ce68d4286427a17640c9350ed382b2
81309cd747361ca3e364f13173e7f29b533febe65d486ec2fb630e9e2377c073
81fe9a946760a9f9d2eca616813e56efd907416d3d45971a28794b905adf84ea
82164fb5aefd701319705aaf466529fb2ac1a91e6219bced5c1d02b594efba75
8327b8e8cf877b87688ffc35ac6117b1632c0916e128ee022a8a97a8f53017b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374e6b757753b8997151eaba0f58b2759b36d9a75ce6b5fdf522465a8f32284
83943b7860887d42283f38d38ba313f207ec1c32b3fd45fd89d08507f17c50bc
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
86e5bdbcdf90f8736528e3838379f3462afac9e7e2e1ff8cb3f531f95e53e60c
877ade4f381c197a1656de06170dd1c866dcebadae64e4e1c7cc9cfd62590dcb
88ba1ec1c35d45569dd9802acf2c5b3a59423df4e8a04c705fd2118e986f55bd
88dbe7e935f9e48702c4102247bf35c0e12c5e4dc91539c0a4141cb930c6d708
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad7653fa98ecddfbf684d622756071186255f2086db07b9eb0c5f7069163703
8c52a6da6158f68f15b9999674f9eafab30415be6bd61cda75c3f1f14b61d200
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1310c655588faf022662db268ce663d4e320266162b2f8bc84a687a91232f1
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
92482f69cf8b488f4e0364ce1ead48d89a0bac67ae2d147e7028fd14afb42aae
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
9742ad08db82dedf33acd2fe9bea9390d6197e672ccc2a6d3f40d87ed964824c
98299e7fdaea04de37a4a123fd9cef3055d82d786c7d1b31aac0f5d695c81143
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
98a986209246c743d834a74adfead2d99ac784c668fc698baf7a435f45a9bf00
99329996a19d8a59a41e8f7478ef9d81801a9a860a5f51c4a3bdc34d87740d88
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9fa3c49e9cc8f927d41f5a49bddcb38106d3a8f1d41d87954c2279bfd380c8
9bf5f019522d7bade2a4451173bd58b8428994909ce229158ad9a12d6395d49c
9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357
9e9ed2cc2926ccebd564aa7c858d9ec3caae8dfab26e9252bbd139140e015238
9f3764506bba3aa1730a202fe7194468bab3dd7c15dbd5ea1ad09e0f7e146cf0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2bf413a5adb51c52006e6a575a731bf180710de5c378d2e4895465bf81280a6
a3331f6a915bc1bf565e60edea8ae77c9eeaefa4cfe4db27703bc0286491eb8a
a38e017c53d62f8dadcdc3840e9f81b647845466c3f8326e3bd99fdae03c99b1
a3f65edb7684964432e320fcbaaacc65e023e109fe0aa77f72cad6ff5fe385b9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58f914bec3355894155534218419c28daf3f972cf3a41449bf8318b91584d06
a5dc9a93a935c64dde549286b5f51bcd0f0605c5da6595f1dd2302536072d38a
a6e0cd2058335597e3f68ecb975494b712b66b6b224bc1e180012dcf77b82837
a6fd348793c16aaf8ad37966e528325582aad94ffbe93729bc6ab51fe9c639f5
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a987d4a7fad370da78c13d91823f1f293bc24598593e877f988777718c4c4376
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac528d24c6c9f20c4c653a289c3225e472aca25d952913ddd8c0464c4c1ce0e8
aca4f78f6565cf5c888ff9101625789895680f616dd9c2daf62f8396c54a5152
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad0f4ec2a9418f1f83f58b69c8340d4d0f5f887b5f4c84a526db3c0eb2f67f3e
ad29f2f1dd0f3e65be64c8c50673b20671760d7251811b8362da31193aba7625
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
ae9e5f6c587f2beab7dbcb43ea5fb9a3d6f5c406f5aeafe46a3fdd934307a4ad
aec2ee165a34c110dca711c4178d4d8eb93196ab987ea047c7b76f9cd10de10e
af6fcda191c31f38127a98387cefcc89461024bd2cc47b55a25596ebe01f9830
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b210746f3af2466e7dfa40e9f0472ba8d6779131adf856792002d857cea0b7
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b4c2e1a3ef272d799a679373bff377eaa6c113c579edbd7429f27f7c60de02a8
b5fce10e0443380c6013d29e801d27663abae16fc3bd50afde9c77853456169e
b6703d2f4290eb2658f3ca9376a3aeaab873e65f418f95ff57815aaef3d57528
b6eebda53c72a8cda49e643744f2dfc40dbc44b0f32cb7e7fc14ab5ae0ab6470
b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d
ba91f081d4c70ee96086d00a05bf4e9425135d5d1a634bc70c5c46ce00ae3b13
babc395940a3a3b20b79433bf5d321cc7a97b12753689f5f5f2222d529d27c29
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbdb14dc36cb810d804aeffe104de6a1652005dea1235602aa1517f22a9857aa
bbfab80d791a853415a874777184fa442df7d5f61e4da3171bfb5278e16cc6bf
bc0ea5d322c94735f125d9179d90fa61b1d5811c70cd6920a1294806bb65ca9c
bc34a13df37d3bce41bce90a366e4a53c88dc431535b0a3b1d0b89cf8f6f2504
bc9d5e09558279565ec0682c25b6e19e7ba308333de0d5f4b50ca21e8dc6ce83
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bdd709f7fb02fa27877750e6ce270df56d154bd188541e7f2bd5bf149c7fb0f2
bf316506fb90f67fece74479180127637aceca949be0f49251686e8092df7ac2
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
bfd4123ab2a2a83c90fd333cd848570b353105c9764cfdecb729db92849fe21b
c09e31e9d07beac1beb12ac3157fbde930dc29587309b27b49a0f9645e07e610
c17e41f084aee62866ca316b2d30e9f0c25d375fb5068eb08e7ca89bf1d82c87
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ed4ecefc330034306015d331ef8c362cad5198df653f7e323966e1b329043
c45fafce6dae94d7e3f34a89ba7bc05be83abd4e000e5b08688cbcb583383431
c4d10214d66669b2cc88ea8affa688376b10bce29d513a0401f4e44b3b187710
c5ac127b876503dce9b17a1e623175e1d3eb6da1f291171435b4675fe8b33033
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c74b979842d9bb6049f755063f0e2215ba29dadf82e477165ee0fc81495368e8
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cbdcdb280e6b8e7fbf5221ee29740aa7014e17e2958cb0e6ca1b362aaecbed38
cce58d4c04c5bc1c3c6cf3687222a843bc8f65c7425d10cb3ade72a7912e49c8
cd1c265048683ab1f28d4d7a062168b2c7c3859d3dee56fbecf3b35502bd47de
cd456e897b78da5e11de8896786c7224774c71b21f46d04bc65ee6f32b040958
cd7f7ccc5bd9430069c8ab0ee21279ef536cd7a6f25f266fec86655468393280
cf1248f78e9ad948b18a84ed85d2f8299b63b5257e7bb3f76b97bd9baa6becad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d11f0c702a9f0b8f681764eca8e98b41d27034eaaf10f6d12de481ebfc5cd37c
d196fe29b56799c03f2ac61ceea39b1d819e241826bf6007eb6a988cfae87e6c
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d370bbe41b6e836475161c7f224bfb16a6c4db8c319c9dd989b382866eec28ac
d395ee2e916086cf5f43cc4b48c1c56e20d528d829acdc936299054033dcd118
d4b62b3ba022e4982d1669e1c929e9c0edb1d07b38626116a85930eefff59342
d4de22a5d521718837004cdc0d570b54356517dc851c85f226a42194627c829c
d54b99754769e4c871583c276d4fae52d6fe493fa188ac09027a9deec6c46c7c
d5d87e149d1866d49426522b649401871330e868810ff315d0b25c9943102687
d6e3b5703ddd016c902373aed3e30d9532fc56bb712addc7365664d73e02d584
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7a18af60149d105e1df041653f4306ba534e6d39ec10c1886ee31644e9306a6
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
da08e3c9ffa013580c65b3b8da2f39f3f866a96408b3df35e7d343d149899847
daae586e476019614a7bf9686809ed591b8ade87c2d696f38a35c6f6a322b6e8
dab395a64d1a6cba64d52ecd6524989fe041021e28556459c01bdad4123ce60f
defa7ae751a2f1290038f323467789b9a1e945922b7a0d90132ee0ecdf3898af
e10faa505799b7d62e8257fb54d8ed8beeb9faf7e80ede0c0ff88f3f326c9d2b
e31abfba9498eb99c83e4d738058db4f316f1a3ef6d33e8dbb2cd5cf077096cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2942ec5aff9cfe2554a28ed1d06c7848cdcb5332a1d0b1c1bbf1172ec6c83
e5235b9bab8f3e03517428422f94e0cfc8f356ce0089cfc60a0a7032af1825c2
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8c2704c1eb432ddd45ecf302b32b2a751d52cd11ca09e929146d7b5b4b20ed9
eaf07343ef9dcfdee52dfb633e8fb3deac8acbbbc662bc224fe33700e1e5029e
ed0fb43224d6ef5c14c630e025060cac2d688a489a97315357dec19412958ad4
ed4ef2139cd317225ee317868a334ddb6218915eeb808fa9d8017ab6e9dbabdc
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eebaba3fcdcc127b8e84a3d2fdc534620cc8b056f8824726b010bf12491cd7b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09769d783a6f6cd0be02b874c4b7fedfbafbc50b7bfc3438725c459cb127961
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0f5c51e90ebb613731aac48a4d44a624aa2f0c9cc140b08c2da6a774bfecaa1
f1ec354b805ad520082c3b2f746892e5d2fbae1d98ce92d06cea57698a1b7dca
f289b1642c507482b511e6d15bff320b297bd7b5170d7ff4b504b6dda59147e1
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3af0ba0d7d48e5fbc68a8f8d28b1c0752694e36d4b01a882411acfe352be816
f4a1f2dfe79b751c36aca5e01379145e3842614d4363b6384267f0b514abd133
f81f9a0f42f6075c6441391c0f4836a6bd0338e864207586b5cb0ddb76df461f
f862ae973799aed4a7332794809feb0046b5bb1847f9423fcfdf37bad77a7ff2
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fa3daf367a655a3b1c520dc6248a72aa43f06eba40a533ae53abd3127207b99a
fafaba8af4114341c56d4cc72376c6d52d6d52df553f0ec3df7a700fca8bcb24
fb26ed6dfce4f0c58e608c259f43edec9608e5e0672d2e64259acf06f49e6b97
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fc4bd29fa52db20b2dbb9d2675d00d98d5d3965fb5dcc333dda4d23b3c8c07ed
fc6219dbf8e4948fe34cbbd129c028d4efc48ff9c19d2ea632bb0b6a38677515
fca14968ca5382c3e433ed5c47991c16d1a29b84f702559539b40d263b1fffb2
fd3b05c9c943a441df8bda9385bed8121c061feab23d9a0bbfeb57f1a85040b1
fd4df3fcc3bdd407bcb2cfbe056d56494ca5fd8867c3cd6953c53868c14a345f
fdde09ec902ff630c0ee1f01f78665b4da34a828bf30c70e6dc85cd23cb20fc1
fdef617a43d55e729cf502763d6f83b4db3e916ef26999422227c2564a30c9e6

vnexpress.net Open in urlscan Pro 111.65.250.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

961 Requests

98 %HTTPS

32 %IPv6

108 Domains

197 Subdomains

131 IPs

18 Countries

17262 kBTransfer

48975 kBSize

0 Cookies

46 Outgoing links

Page URL History

Redirected requests

961 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vnexpress.net Open in urlscan Pro
111.65.250.2 Public Scan

Screenshot
Live screenshot

Full Image

961
Requests

98 %
HTTPS

32 %
IPv6

108
Domains

197
Subdomains

131
IPs

18
Countries

17262 kB
Transfer

48975 kB
Size

0
Cookies

961 HTTP transactions
17 data transactions