urlscan.io logo urlscan.io
SecurityTrails logo

www.babla.vn Open in urlscan Pro
52.210.72.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.babla.vn/
Effective URL: https://www.babla.vn/
Submission: On August 31 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 10 countries across 47 domains to perform 154 HTTP transactions. The main IP is 52.210.72.163, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.babla.vn.
TLS certificate: Issued by SSL.com RSA SSL subCA on October 1st 2020. Valid for: a year.
This is the only time www.babla.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 52.210.72.163 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
3 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.218.92.67 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.10 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.93.105 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 14 172.67.71.185 13335 (CLOUDFLAR...)
1 92.122.26.214 16625 (AKAMAI-AS)
2 8 185.33.221.52 29990 (ASN-APPNEX)
4 18.156.195.47 16509 (AMAZON-02)
1 18.195.231.241 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
7 185.86.137.32 201081 (SMARTADSE...)
1 104.111.218.85 16625 (AKAMAI-AS)
1 7 34.98.64.218 15169 (GOOGLE)
4 69.173.144.141 26667 (RUBICONPR...)
1 178.250.2.131 44788 (ASN-CRITE...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.6 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 5 13.248.242.197 16509 (AMAZON-02)
1 151.101.13.108 54113 (FASTLY)
3 2.18.233.180 16625 (AKAMAI-AS)
2 7 76.223.111.18 16509 (AMAZON-02)
2 104.109.78.125 16625 (AKAMAI-AS)
4 11 2.18.234.21 16625 (AKAMAI-AS)
1 185.64.189.115 62713 (AS-PUBMATIC)
4 5 37.157.3.30 198622 (ADFORM)
2 2 213.155.156.165 1299 (TELIANET ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
11 13 172.217.23.98 15169 (GOOGLE)
3 3 185.29.132.245 30419 (MEDIAMATH...)
1 185.64.189.114 62713 (AS-PUBMATIC)
2 2 51.222.80.231 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 159.253.128.188 36351 (SOFTLAYER)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
2 4 209.54.176.128 16509 (AMAZON-02)
1 1 70.42.32.127 13789 (INTERNAP-...)
2 2 185.86.138.143 201081 (SMARTADSE...)
2 2 3.66.71.220 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 50.16.141.46 14618 (AMAZON-AES)
1 1 3.209.222.165 14618 (AMAZON-AES)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 1 37.252.172.250 29990 (ASN-APPNEX)
1 185.255.84.153 200271 (IGUANE-)
1 1 185.183.112.155 60350 (VP)
1 37.252.161.190 29990 (ASN-APPNEX)
154 65
5    52.210.72.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-72-163.eu-west-1.compute.amazonaws.com
www.babla.vn
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
www.youtube.com
12    2606:4700:20::681a:70f (United States)

ASN13335 (CLOUDFLARENET, US)
static.bab.la
3    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    52.218.92.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
1    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
7    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.224.93.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-105.zrh50.r.cloudfront.net
script.hotjar.com
1    2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)
boot.pbstck.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
14    172.67.71.185 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    92.122.26.214 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-26-214.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
8    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    18.195.231.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com
ad.yieldlab.net
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
idm-d.openx.net
eu-u.openx.net
us-u.openx.net
4    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    18.66.97.6 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pbstck.com
intake.pbstck.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
478c6b20ac91837adad39a855377bafa.safeframe.googlesyndication.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
11    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
13    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
cm.g.doubleclick.net
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    3.66.71.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-71-220.eu-central-1.compute.amazonaws.com
ice.360yield.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    50.16.141.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-141-46.compute-1.amazonaws.com
nep.advangelists.com
1    3.209.222.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-222-165.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    185.255.84.153 (Paris, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    37.252.161.190 (Shepherds Bush, United Kingdom)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams1.adnexus.net
prebid.adnxs.com
Apex Domain
Subdomains		 Transfer
20 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
143 KB
14 smilewanted.com
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
21 KB
12 bab.la
static.bab.la
232 KB
11 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
29 KB
11 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
prebid.adnxs.com
22 KB
10 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
10 KB
9 smartadserver.com
prg.smartadserver.com
sync.smartadserver.com
3 KB
9 youtube.com
www.youtube.com
670 KB
8 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
17 KB
8 3lift.com
tlx.3lift.com
eb2.3lift.com
3 KB
8 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
8 KB
7 openx.net
idm-d.openx.net
eu-u.openx.net
us-u.openx.net
1 KB
6 googlesyndication.com
478c6b20ac91837adad39a855377bafa.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
36 KB
5 adform.net
c1.adform.net
2 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
20 KB
5 babla.vn
www.babla.vn
127 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
4 amazonaws.com
s3-eu-west-1.amazonaws.com
61 KB
3 owneriq.net
px.owneriq.net
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 google.com
www.google.com
adservice.google.com
14 KB
3 pbstck.com
boot.pbstck.com
cdn.pbstck.com
intake.pbstck.com
52 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
62 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 360yield.com
ice.360yield.com
643 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
664 B
2 onaudience.com
pixel.onaudience.com
810 B
2 de17a.com
d5p.de17a.com
637 B
2 indexww.com
js-sec.indexww.com
2 KB
2 criteo.net
static.criteo.net
53 KB
2 btloader.com
btloader.com
api.btloader.com
5 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
17 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 adotmob.com
sync.adotmob.com
652 B
1 omnitagjs.com
visitor.omnitagjs.com
235 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
378 B
1 advangelists.com
nep.advangelists.com
232 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
320 B
1 quantserve.com
pixel.quantserve.com
497 B
1 simpli.fi
um.simpli.fi
609 B
1 google.de
adservice.google.de
165 B
1 ytimg.com
i.ytimg.com
43 KB
1 ggpht.com
yt3.ggpht.com
3 KB
1 yieldlab.net
ad.yieldlab.net
760 B
1 googleapis.com
ajax.googleapis.com
30 KB
154 47
Domain Requested by
13 cm.g.doubleclick.net 11 redirects eu-u.openx.net
eb2.3lift.com
12 static.bab.la www.babla.vn
static.bab.la
9 csync.smilewanted.com 1 redirects static.bab.la
csync.smilewanted.com
9 www.youtube.com www.babla.vn
www.youtube.com
8 ib.adnxs.com 2 redirects static.bab.la
acdn.adnxs.com
eb2.3lift.com
ssum-sec.casalemedia.com
7 eb2.3lift.com 2 redirects static.bab.la
eb2.3lift.com
7 prg.smartadserver.com static.bab.la
5 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 match.adsrvr.org 1 redirects static.bab.la
eu-u.openx.net
eb2.3lift.com
ssum-sec.casalemedia.com
5 www.babla.vn 1 redirects www.babla.vn
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 eu-u.openx.net 1 redirects static.bab.la
eu-u.openx.net
4 fastlane.rubiconproject.com static.bab.la
4 c2shb.ssp.yahoo.com static.bab.la
4 prebid.smilewanted.com static.bab.la
4 gum.criteo.com 2 redirects static.criteo.net
4 s3-eu-west-1.amazonaws.com www.babla.vn
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 sync.mathtag.com 3 redirects
3 image2.pubmatic.com ads.pubmatic.com
3 ads.pubmatic.com static.bab.la
ads.pubmatic.com
csync.smilewanted.com
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 mug.criteo.com www.babla.vn
3 securepubads.g.doubleclick.net www.babla.vn
securepubads.g.doubleclick.net
2 sync.search.spotxchange.com 2 redirects
2 ice.360yield.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 us-u.openx.net eu-u.openx.net
2 simage2.pubmatic.com ads.pubmatic.com
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 js-sec.indexww.com static.bab.la
ssum-sec.casalemedia.com
2 eus.rubiconproject.com static.bab.la
eus.rubiconproject.com
2 static.criteo.net static.bab.la
static.criteo.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 www.google.com www.youtube.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google-analytics.com www.babla.vn
1 prebid.adnxs.com csync.smilewanted.com
1 sync.adotmob.com 1 redirects
1 visitor.omnitagjs.com csync.smilewanted.com
1 secure.adnxs.com 1 redirects
1 pixel.rubiconproject.com csync.smilewanted.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 nep.advangelists.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 c.bing.com eb2.3lift.com
1 static.smilewanted.com csync.smilewanted.com
1 token.rubiconproject.com eus.rubiconproject.com
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 acdn.adnxs.com static.bab.la
1 intake.pbstck.com www.babla.vn
1 www.gstatic.com www.youtube.com
1 478c6b20ac91837adad39a855377bafa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cdn.pbstck.com boot.pbstck.com
1 api.btloader.com www.babla.vn
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 vars.hotjar.com static.hotjar.com
1 static.doubleclick.net www.youtube.com
1 bidder.criteo.com static.bab.la
1 idm-d.openx.net static.bab.la
1 ad.yieldlab.net static.bab.la
1 hbopenbid.pubmatic.com static.bab.la
1 tlx.3lift.com static.bab.la
1 htlb.casalemedia.com static.bab.la
1 btloader.com static.bab.la
1 boot.pbstck.com static.bab.la
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com www.youtube.com
1 static.hotjar.com www.babla.vn
1 stats.g.doubleclick.net www.google-analytics.com
1 ajax.googleapis.com www.babla.vn
154 83
Subject Issuer Validity Valid
bab.la
SSL.com RSA SSL subCA		 2020-10-01 -
2021-10-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-17 -
2022-06-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
pbstck.com
Cloudflare Inc ECC CA-3		 2021-08-04 -
2022-08-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2021-03-09 -
2022-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2021-08-28 -
2021-11-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2020-03-29 -
2022-03-29		 2 years crt.sh

This page contains 28 frames:

Primary Page: https://www.babla.vn/
Frame ID: 4161FBE39B42AA95F4BEFBB3A67FD9CE
Requests: 69 HTTP requests in this frame

Frame: https://www.youtube.com/embed/n2m31w97A4Y
Frame ID: 354049CD90DAAE20B14C0E0F9F5134F2
Requests: 17 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 897045FA01381634829917DDE661EA6D
Requests: 1 HTTP requests in this frame

Frame: https://478c6b20ac91837adad39a855377bafa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 429A907A2896CFCDD7A4C1954E0A93DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C93FA2C00DFA8748E5118899EBE118C4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B95914EF48AE565E33346B34774A23C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.babla.vn
Frame ID: 05281615B9E8A5258C4C6AD4F57E80D4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4316D3163060253D130BE5D4E799E930
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Frame ID: 44CEAA808522FCDE13130AD745FA6DF0
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 8176314963D645FDB85CDED1B3A67F4C
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 24867C57BDE80635E2BD9B47D97D0BBE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: ED7ED3E372DC76C429E19A3225B4FA4A
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Frame ID: B157AE114E883F4A6F2D6E0421180201
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BB3DEAD9FB1E8CA8AB63CDCFA9503E73
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1
Frame ID: 796ACDE2CDB47E72E8FA148BEEC1B694
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4479911125874688779
Frame ID: 2E1C0F4892E06A6317ED5557D5E26D0E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F9AE727B4A6D56E08B3F057AA2A6ABC2
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 40A6ADD414B2AEB7B90AD15E55FC9DC6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/6206213745645891746
Frame ID: 25863AEB6A383194B08C4CF1B7962922
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/c01ed9f7-1747-4670-bdce-cba9becc908a&partner_id=1010
Frame ID: 08AF2B11C3E96BF3555EA956B4A186F5
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted
Frame ID: A8FF970DB16279829601EA8A56ED10D5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: FC71729E098130E447DA1CD3BB5BFC46
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YS4SQ97svH1SormronQjlgAA%261219
Frame ID: 2C86720654390C78E1F2BCFF2F375E6F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/81cbf587-0a4e-11ec-9d25-175bad840306
Frame ID: 61AAF74F20ADF2BF5639E5B60F0EA2B2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/1892964107568595119
Frame ID: 847D148BC5928EE96ECD100BA0837165
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/bsync?uid=abf65ec65b3e06310c52d0850494081a&name=SMILE_WANTED&url=%20https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadyoulike%2F%5BBUYER_USERID%5D
Frame ID: 3072FEDA42F8BA7C2C693772598D36F6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adotmob/06a72204021b76eeed975cc0
Frame ID: FB9C6BDFCB948D728DD9F33811C97FCF
Requests: 1 HTTP requests in this frame

Frame: https://prebid.adnxs.com/pbs/v1/setuid?bidder=smilewanted&gdpr=1&gdpr_consent=&f=i&uid=cbd646fc74941c3911b4285814c464fe
Frame ID: BF95EE14BB5F5A08A10E4E04B9FAA094
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Từ điển online của bab.la - cộng đồng yêu ngôn ngữ

Page URL History Show full URLs

  1. http://www.babla.vn/ HTTP 301
    https://www.babla.vn/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

154
Requests

100 %
HTTPS

40 %
IPv6

47
Domains

83
Subdomains

65
IPs

10
Countries

1699 kB
Transfer

5014 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.babla.vn/ HTTP 301
    https://www.babla.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.babla.vn%2F&domain=www.babla.vn&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=kn6wn3xMOVV0SWxsN0lxV3JnSG9GQ2VUNUUxNy9hRE8zc0V0ZjJjTkQwSEF6ai81dFpHZXlaMktEdjRRaGQwSkM3UFNOU2NHemJSUFFjNHBWYVFFQy94SCtHNGdtVmdFazE5RklsZTg2RzhwclNHODRJdEYwem9sOGQwZmptZ0cxZTRPTVB6YjYrenVZbGxQOStIT2MzczZLczY0ZmhpOVE2dDIyNmZVSW9NSWRxbC9BREdDUkg0UnF1TVFOVFFNc3I0UVZLOXI1Y2VOUjNncjIrM3pDMmt4UXpHQ3BLdlZtTXdiMFREVXZoWmFiZlpvPXw&cppv=2
Request Chain 63
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 91
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=babla.vn&sn=ChromeSyncframe&so=1&topUrl=www.babla.vn&bundle=FWkE4191STdjY1hIJTJGTDdHUkpBc3VMZzN1M3p0SW5Bek00N0FoRG13emNadFRWeXlXaWZoaiUyQkNoTFh6dDJ4U2JESDRVcVRSRHZ0R0hZTmY4a2JGUnczRXRZY3FqMVpRQkx1aXBnZUYlMkZNaFZ0S3dTdUsxQkptS244UkJOJTJGc0pwMm9VTGI0&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=tLBUpnxqYXIyQWZWNHZwQ2hvUlFnWmpMMVd5U0dMNGZIZTE1S3RNeHMyUGVVc3ovRnFJVm14eWpVbFFxd2k3NEN1YXJyWWFEU3JzOXB5ekE5eUFDbVN1TjhUM0tvR1ZBSUphYXlEQVk1bUd3NGtaWEFBaTRNYitJWHZDMzdDMVFTbC9mR3haVExha2c5anArRFRiVERBNTJEWVJVNVRwTUlTWDFRNUp5ZkJMaCs3bGpLLzA2c0FLRGhlNk1Jb2VpQklBd1l5RitCTktFUGFTZVMwODgyeDNkNTl2WjVvTTJNdkhtUllBUmFMU2JlUWNpTGJ3RzhwVDNaYis0NUN0VE9EK2Zvc0FLazRwZHVZRUtyNW1Leko3WWhYQT09fA&cppv=2
Request Chain 96
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 99
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Request Chain 102
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 104
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1
Request Chain 105
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4479911125874688779
Request Chain 106
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H1z3v6OGTY-4VlZbx4vPsQ%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H1z3v6OGTY-4VlZbx4vPsQ%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 107
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=47f5612e-1243-4b00-9ef0-056cadd72513
Request Chain 108
  • https://pixel.onaudience.com/?partner=214&mapped=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=7eb53ffa-1db2-4e73-9059-7dcf39c08acd&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=557f12fe3a946432 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8f7213b0-505c-4e21-6565-68c2812c8fef&reqId=b2981db5-6547-4c22-4967-3c951b0fb352&zcluid=557f12fe3a946432&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGkj3XvOXr7IA-fitu8hB88&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8f7213b0-505c-4e21-6565-68c2812c8fef&reqId=b2981db5-6547-4c22-4967-3c951b0fb352&zcluid=557f12fe3a946432&zdid=1332
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUY1Q0Y3QkYtQTM4Ni00RDhGLUI4NTYtNTY1QkM3OEJDRkIx&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUY1Q0Y3QkYtQTM4Ni00RDhGLUI4NTYtNTY1QkM3OEJDRkIx&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEYHlMekKtgTAYF0GvtO5h0&google_cver=1
Request Chain 112
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7755732232632909883
Request Chain 113
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d060612e-1243-4000-9d4c-b6416327a77d&gdpr=0&gdpr_consent=
Request Chain 114
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=33fd612e-1243-4300-985f-1fec78baddb8
Request Chain 115
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=f1Ti9XhX5KNkBuOlcV39qHEG4fNkUej0cFRuyv8W
Request Chain 116
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1943750964246419725
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0KbeeUlqPeNedNgi-XIZQ&google_cver=1
Request Chain 122
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOMVczwVsc7LpkH62IDG6Cg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 125
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0NDc4OTc1NTI2MjIwOTYzMQ%3D%3D
Request Chain 127
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4644789755262209631?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-f6VGg7pE2oRFTRGmNXvOkZ8HDXEo6kxfKlImTNuQOA--~A&dongle=0883
Request Chain 128
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1892964107568595119&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 129
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4644789755262209631 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4644789755262209631&dcc=t
Request Chain 130
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 134
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/6206213745645891746
Request Chain 135
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/c01ed9f7-1747-4670-bdce-cba9becc908a&partner_id=1010
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS4SQ97svH1SormronQjlgAABMMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEf66MwCxVy02abPtY17cCg&google_cver=1
Request Chain 137
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS4SQ97svH1SormronQjlgAABMMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS4SQ97svH1SormronQjlgAABMMAAAAB&dcc=t
Request Chain 138
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS4SQ97svH1SormronQjlgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFnGX6qaLi_6prFdsM2GHc4&google_cver=1&gdpr=1
Request Chain 141
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6836956851923524715&uid=Q6836956851923524715&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 142
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b65cc7-de2d-4562-a1a6-60a41cb5cb86 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b65cc7-de2d-4562-a1a6-60a41cb5cb86&C=1
Request Chain 143
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=55bd9ecf-9b9c-423c-a372-32598d90bd39&expiration=1661945284
Request Chain 147
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YS4SQ97svH1SormronQjlgAA%261219
Request Chain 148
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=81cbf5da-0a4e-11ec-9d25-175bad840306 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/81cbf587-0a4e-11ec-9d25-175bad840306
Request Chain 149
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/1892964107568595119
Request Chain 151
  • https://sync.adotmob.com/cookie/smilewanted?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadotmob%2F{amob_user_id} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adotmob/06a72204021b76eeed975cc0
Request Chain 152
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D1%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=smilewanted&gdpr=1&gdpr_consent=&f=i&uid=cbd646fc74941c3911b4285814c464fe

154 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.babla.vn/
Redirect Chain
  • http://www.babla.vn/
  • https://www.babla.vn/
58 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.babla.vn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.72.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-72-163.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d505bfd770f1f0d12ded8e60b0f12ee535a69ab66fb609db4a6188321f7e8f13
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 max-age=15780000; includeSubDomains; preload

Request headers

Host
www.babla.vn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:27:59 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
AWSALB=AFQ6iVkuDhPN5JZAnNZRGV5WvhEw9HfnV5KUfybpXZ25+GnC2U4e++Xk3QsVrWhcqxpsLLV0mIEfPXa4fJqT8u5qNBJdntoRgrmqS9YysLwUvgn6AVE/MpgyldOh; Expires=Tue, 07 Sep 2021 11:27:59 GMT; Path=/ AWSALBCORS=AFQ6iVkuDhPN5JZAnNZRGV5WvhEw9HfnV5KUfybpXZ25+GnC2U4e++Xk3QsVrWhcqxpsLLV0mIEfPXa4fJqT8u5qNBJdntoRgrmqS9YysLwUvgn6AVE/MpgyldOh; Expires=Tue, 07 Sep 2021 11:27:59 GMT; Path=/; SameSite=None; Secure PHPSESSID=v2kiie2ji1pbeftn24mvi39l94; path=/; domain=.babla.vn; secure; HttpOnly languages=vi.deen.de.en.0..; expires=Thu, 09-Dec-2021 11:27:59 GMT; Max-Age=8640000; path=/; domain=.babla.vn; secure; HttpOnly
Server
Apache
Strict-Transport-Security
max-age=15768000 max-age=15780000; includeSubDomains; preload
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store,no-cache,must-revalidate post-check=0,pre-check=0
Pragma
no-cache
Last-Modified
Tue, 31 Aug 2021 11:27:59 GMT
Content-Language
vi
P3P
CP="CAO DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Link
<https://bab.la/>; rel="alternate"; hreflang="x-default" <https://www.babla.co.id/>; rel="alternate"; hreflang="id" <https://www.babla.cn/>; rel="alternate"; hreflang="zh-Hans" <https://cs.bab.la/>; rel="alternate"; hreflang="cs" <https://da.bab.la/>; rel="alternate"; hreflang="da" <https://de.bab.la/>; rel="alternate"; hreflang="de" <https://www.babla.gr/>; rel="alternate"; hreflang="el" <https://en.bab.la/>; rel="alternate"; hreflang="en" <https://es.bab.la/>; rel="alternate"; hreflang="es" <https://fr.bab.la/>; rel="alternate"; hreflang="fr" <https://it.bab.la/>; rel="alternate"; hreflang="it" <https://ja.bab.la/>; rel="alternate"; hreflang="ja" <https://www.babla.kr/>; rel="alternate"; hreflang="ko" <https://hu.bab.la/>; rel="alternate"; hreflang="hu" <https://nl.bab.la/>; rel="alternate"; hreflang="nl" <https://www.babla.no/>; rel="alternate"; hreflang="no" <https://pl.bab.la/>; rel="alternate"; hreflang="pl" <https://pt.bab.la/>; rel="alternate"; hreflang="pt" <https://ro.bab.la/>; rel="alternate"; hreflang="ro" <https://www.babla.ru/>; rel="alternate"; hreflang="ru" <https://fi.bab.la/>; rel="alternate"; hreflang="fi" <https://sv.bab.la/>; rel="alternate"; hreflang="sv" <https://www.babla.co.th/>; rel="alternate"; hreflang="th" <https://tr.bab.la/>; rel="alternate"; hreflang="tr"
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Tue, 31 Aug 2021 11:27:59 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
229
Connection
keep-alive
Server
Apache
Location
https://www.babla.vn/
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6940
date
Tue, 31 Aug 2021 09:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 31 Aug 2021 11:32:19 GMT
Cookie set Material_Icons-400-fallback1.woff2
www.babla.vn/fonts/google/ 		106 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.babla.vn/fonts/google/Material_Icons-400-fallback1.woff2
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.72.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-72-163.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1e90fbaad03f8ad346cac42c97defe25abd61ce4c67cf0e6d1d53f8c31b7bbae
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.babla.vn
Accept-Encoding
gzip, deflate, br
Host
www.babla.vn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.babla.vn/
Cookie
AWSALB=AFQ6iVkuDhPN5JZAnNZRGV5WvhEw9HfnV5KUfybpXZ25+GnC2U4e++Xk3QsVrWhcqxpsLLV0mIEfPXa4fJqT8u5qNBJdntoRgrmqS9YysLwUvgn6AVE/MpgyldOh; AWSALBCORS=AFQ6iVkuDhPN5JZAnNZRGV5WvhEw9HfnV5KUfybpXZ25+GnC2U4e++Xk3QsVrWhcqxpsLLV0mIEfPXa4fJqT8u5qNBJdntoRgrmqS9YysLwUvgn6AVE/MpgyldOh; PHPSESSID=v2kiie2ji1pbeftn24mvi39l94; languages=vi.deen.de.en.0..
Connection
keep-alive
Origin
https://www.babla.vn
Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:00 GMT
Last-Modified
Thu, 05 Aug 2021 13:41:17 GMT
Server
Apache
ETag
"1a674-5c8d012c9d386"
Strict-Transport-Security
max-age=15768000
Set-Cookie
AWSALB=zKy0JLA0qe1WUbJ3VqkfbDk8yMZZ0k5kBj1HhWpXweO2C0TRjK9aWYXYyktpA9YTs88RH6r1W8OcHZPC4tSdO+Y9nIVbcApsRfcwzRJjTaPJmcW6jVlsWifAzeSR; Expires=Tue, 07 Sep 2021 11:28:00 GMT; Path=/ AWSALBCORS=zKy0JLA0qe1WUbJ3VqkfbDk8yMZZ0k5kBj1HhWpXweO2C0TRjK9aWYXYyktpA9YTs88RH6r1W8OcHZPC4tSdO+Y9nIVbcApsRfcwzRJjTaPJmcW6jVlsWifAzeSR; Expires=Tue, 07 Sep 2021 11:28:00 GMT; Path=/; SameSite=None; Secure
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108148
Cookie set icomoon.ttf
www.babla.vn/fonts/icomoon/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.babla.vn/fonts/icomoon/icomoon.ttf?gex2r4
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.72.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-72-163.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d6d3d0e52df21431faa9ce892825477821ea7a61c557b21900319c2660941311
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.babla.vn
Accept-Encoding
gzip, deflate, br
Host
www.babla.vn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.babla.vn/
Cookie
AWSALB=AFQ6iVkuDhPN5JZAnNZRGV5WvhEw9HfnV5KUfybpXZ25+GnC2U4e++Xk3QsVrWhcqxpsLLV0mIEfPXa4fJqT8u5qNBJdntoRgrmqS9YysLwUvgn6AVE/MpgyldOh; AWSALBCORS=AFQ6iVkuDhPN5JZAnNZRGV5WvhEw9HfnV5KUfybpXZ25+GnC2U4e++Xk3QsVrWhcqxpsLLV0mIEfPXa4fJqT8u5qNBJdntoRgrmqS9YysLwUvgn6AVE/MpgyldOh; PHPSESSID=v2kiie2ji1pbeftn24mvi39l94; languages=vi.deen.de.en.0..
Connection
keep-alive
Origin
https://www.babla.vn
Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:00 GMT
Last-Modified
Fri, 21 May 2021 08:40:38 GMT
Server
Apache
ETag
"dc4-5c2d303a4123c"
Strict-Transport-Security
max-age=15768000
Content-Type
application/font-sfnt
Set-Cookie
AWSALB=LJyKJ45yUoisAaArJa56BvWqqS/2avbFq0TgeHYyxKm49ugt8YaVlBccrSuZNBOfVy/ieKr5VTuqeM1oQLObWr+QSvr5TX1AAE/h3BZBT/3r21PTTnoza7x4CyqG; Expires=Tue, 07 Sep 2021 11:28:00 GMT; Path=/ AWSALBCORS=LJyKJ45yUoisAaArJa56BvWqqS/2avbFq0TgeHYyxKm49ugt8YaVlBccrSuZNBOfVy/ieKr5VTuqeM1oQLObWr+QSvr5TX1AAE/h3BZBT/3r21PTTnoza7x4CyqG; Expires=Tue, 07 Sep 2021 11:28:00 GMT; Path=/; SameSite=None; Secure
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3524
Cookie set fonts.css
www.babla.vn/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.babla.vn/css/fonts.css?v=1628170878
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.72.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-72-163.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3f8e703556ed5844d21cb430a071e95ceaf2c0eb60255979bb4e872da0916fc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.babla.vn
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.babla.vn/
Cookie
AWSALB=AFQ6iVkuDhPN5JZAnNZRGV5WvhEw9HfnV5KUfybpXZ25+GnC2U4e++Xk3QsVrWhcqxpsLLV0mIEfPXa4fJqT8u5qNBJdntoRgrmqS9YysLwUvgn6AVE/MpgyldOh; AWSALBCORS=AFQ6iVkuDhPN5JZAnNZRGV5WvhEw9HfnV5KUfybpXZ25+GnC2U4e++Xk3QsVrWhcqxpsLLV0mIEfPXa4fJqT8u5qNBJdntoRgrmqS9YysLwUvgn6AVE/MpgyldOh; PHPSESSID=v2kiie2ji1pbeftn24mvi39l94; languages=vi.deen.de.en.0..
Connection
keep-alive
Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:27:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Aug 2021 13:41:19 GMT
Server
Apache
ETag
"7ee-5c8d012e6b23c-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Set-Cookie
AWSALB=QI93XPql0Wrn4VGVJJ4U2JMox2O+w4dV51EGDXIKJY7aB18SbdKRtGu2duLWi+hHtsP89eMDrZq7tNk2X9EpfodD+xxtS/IrLrQg307wKfG6h8NLCwLgLNn0Qncg; Expires=Tue, 07 Sep 2021 11:27:59 GMT; Path=/ AWSALBCORS=QI93XPql0Wrn4VGVJJ4U2JMox2O+w4dV51EGDXIKJY7aB18SbdKRtGu2duLWi+hHtsP89eMDrZq7tNk2X9EpfodD+xxtS/IrLrQg307wKfG6h8NLCwLgLNn0Qncg; Expires=Tue, 07 Sep 2021 11:27:59 GMT; Path=/; SameSite=None; Secure
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
Accept-Ranges
bytes
Content-Length
667
extra.css
static.bab.la/css/ 		82 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bab.la/css/extra.css?v=1628170878
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0dec25a8d52c447360be4f69ce3057126f71852fb3ec2ca79a4d51b10b95931

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Aug 2021 13:39:11 GMT
server
cloudflare
etag
W/"14864-5c8d00b4d7ffa-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQtBrmx%2FmdFY9%2Fwa6XaDd7OgWzoaa4GHrSz3BxwTrfIC%2Bf5eBzdi1Pcst21cLG2yaOH4wdfvXFGOhVSBKHRPRHSWf7f5TnNqd4u1DqIeYDHxFlyaakxOdRz%2F1zRzCLN39udYgeqIVmt%2FOIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9afdcaddfef-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
71bf24e55df00ade430e45aa96f2d03ce5f05623f64dd7abef0bedf9c413bfbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 473 of 1000 / last-modified: 1630407035"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24947
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:28:00 GMT
pb-babla.min.js
static.bab.la/js/vendor/ 		313 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab920eb96c434d1fff60e1dbc52ab9b4296dd5991fe9accc174ebb13a2c17b8

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Aug 2021 13:39:36 GMT
server
cloudflare
etag
W/"4e309-5c8d00cc3ea19-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFflUEwYe48BFUx5EdwXQVo5GFXlV%2BBZ7PvuDYPQAyadWelTKwuh%2BKpkRPu8CYzscbwe64tNEuM%2F632AHojijv3qeNGlNdUIFD%2FkEkmnWGWpeP%2BP4YX3ZmesjTPKKap%2BEepB7Mzfg3qPJ78%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9b0bdeedfef-FRA
iaw-babla.min.js
static.bab.la/js/vendor/ 		151 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bab.la/js/vendor/iaw-babla.min.js?v=1628170878
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22dbe3c978a9b5b38ed1a0a1343a675c39c9a5b2281248c74d6a08719968906

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Aug 2021 13:39:36 GMT
server
cloudflare
etag
W/"25a95-5c8d00cc3ea19-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jt8G8685M%2BKEtIe6qDJwLm4q45TOoTkDFI117ykbyGtO0Ir2cJ5Lp4IoPZEnPoQFWlWca7CoC75bphVhks%2F%2FwKi4%2Fz4pJqKBxxsAutd3CciyTuGewJ1tdvz0UoPqBtw4N6nTOXXbyCc05DY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9b0bdefdfef-FRA
basic.css
static.bab.la/css/ 		90 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bab.la/css/basic.css?v=1628170878
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423de8098aebeba62bf253addb95ff66d5b35d4f3ae0882f045c8bca700d8fc7

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Aug 2021 13:39:43 GMT
server
cloudflare
etag
W/"168e3-5c8d00d303113-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTNQZKsZm2iEkQl8teXEhyaBlcKZ11AmItkiovwMVPMineZjJIQUJq91cR%2B9XoV847fd0oC4V%2FN3xvD%2BYF3Y4lfpDAG02q%2FA3UVsDVzBKins7HFMorK3QL2uRmC6wi3lmlg%2BXbiWDXyoFcs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9afdcafdfef-FRA
adserver.css
static.bab.la/css/ 		658 B
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.bab.la/css/adserver.css?v=1628170878
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801614a3f72e3f9ad54aff8a1736c757039a9c0607886c17fe926f06071f623e

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Aug 2021 13:39:43 GMT
server
cloudflare
etag
W/"292-5c8d00d2dfe92-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bke0OUNida%2F1jX0gJH8R85GhVA9pZXL46vPe7Qq3GKYam2zYQsTg6ShhTHq0FlxKRqHWC4QLCe%2BrtNTtfTvDhB7ON3KfH9sn2PPn%2B9BMi36sfVmNMdUCvvQX2DgnZ8sl7HdmYcm436Esho0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9afdcb1dfef-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 10:47:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 10:47:44 GMT
bootstrap.min.js
static.bab.la/js/vendor/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bab.la/js/vendor/bootstrap.min.js
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 10 May 2021 08:10:14 GMT
server
cloudflare
etag
W/"9b00-5c1f54ea5cbac-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iht9%2FUSe9gEDUC9qAUp45n8kRVX1KQNZqNI9yV47iqnRwsi8xOT88%2BLexOeXHuzAqvrK%2BdJy9EhNOYRZmmJ29Asy4hPjCNeXm2vS5vcVPQ%2FbM67BSDni8dx8LvkAsUBoAyHXTNXuraxkwsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9b0bdf1dfef-FRA
scrollFixedTypeahead.min.js
static.bab.la/js/vendor/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bab.la/js/vendor/scrollFixedTypeahead.min.js
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63884073c630b7bdab4841eccb77662d05bfe036e441a4e4e8753a647e44ce0a

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 10 May 2021 08:10:14 GMT
server
cloudflare
etag
W/"b2d6-5c1f54ea5cbac-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUeoBZUw3QcD2erdrlFeOt5s%2FEw91mLulYwTK%2BddWLRHU5%2F%2FA4ONgwBQ5%2BO7yFPBNA%2FVe4UpBdIWrCEFAS28AazdH%2B%2Bfq8TR9gaYpJxpooe8H80xNcbDz%2BXhAFppv%2B0XqqAPrFHP1XGowJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9b0bdf3dfef-FRA
babla.js
static.bab.la/js/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bab.la/js/babla.js?v=1628170878
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915d91337f65f3385ad6d9e0a867ae9563dbc87985eced8a266d89a6e6fbd1d3

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Aug 2021 13:39:50 GMT
server
cloudflare
etag
W/"a5e4-5c8d00d943aa8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clI0FjcKTMjraGAUgjSQOOBtquq0RAkB18bk9ZCHA0XYpZv62i1hfg0YWCuBhpjXo8%2B56GQ79S1IAPRnJIS7VUkCjN1bPGgXp5dkqZu%2B5xJNJL2Dl4hxkqgCocLMW5S011u4D5uVOtorG9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9b0bdf5dfef-FRA
babla-logo-white.svg
static.bab.la/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bab.la/img/babla-logo-white.svg
Requested by
Host: static.bab.la
URL: https://static.bab.la/css/basic.css?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94059e53a13ebb0d9bca105db7af3d6187d1080fd3507764efdce2e0557fe420

Request headers

Referer
https://static.bab.la/css/basic.css?v=1628170878
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 10 May 2021 08:10:13 GMT
server
cloudflare
etag
W/"1087-5c1f54ea27fe4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWXZ%2B%2B%2BmRpDNF42JWYaAvyT7WxK7lsi2pTpCmXlD3Jz4EsRv6Jf9CaUdYwG%2FZijAnr48YFvn6FW3ZoM3gaPKBCr1knVWLUULb2Arb2%2BST1%2FHZJIrYXEUtqGBgxuEUJX5%2F26MZovS6fpwGs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9b0bdfddfef-FRA
babla-worldmap.png
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/babla-worldmap.png
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.92.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4a4234471086d353f77ef66c3b210f66be7ca9cf3f39c801cb4b10fb4a412e5e

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:01 GMT
Last-Modified
Thu, 27 May 2021 09:29:13 GMT
Server
AmazonS3
x-amz-request-id
Z4Y2FH63SAB1HPDS
ETag
"faef6eb2761dc4ea99350cf2d6f5cc20"
x-amz-version-id
6EJYH8hOG82P0jpuw.60K2KYUFut09t4
Cache-Control
max-age=86400,public
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
38591
x-amz-id-2
hD9jqr0FwNM+8FVoRudZv8mSPVVeaWWJJpEAjVi+eVYJrw6EJbBd4e3qzv2gSB30yup3jNZBkpQ=
babla-logo.svg
static.bab.la/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bab.la/img/babla-logo.svg
Requested by
Host: static.bab.la
URL: https://static.bab.la/css/basic.css?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca3f6d64956475bf9563c55e5c8afb1156bf568e2b2c7a80d72a4a0235b7bf3

Request headers

Referer
https://static.bab.la/css/basic.css?v=1628170878
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 10 May 2021 08:10:13 GMT
server
cloudflare
etag
W/"1072-5c1f54ea27fe4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlBmMSlntL631MHZy4BhUy5EJ%2FGtHW4Ht6mlg%2B1GGX5QimiaQ0Z3g3ipGfmOy4pv%2F%2BGosIqaxkjZDO3NqeM8%2Bj76ry7HROr%2FXVyJiHQ0b2krQwek6DwQQrTNkI2iTAVVNlGQfaTquWTWDcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9b0bdffdfef-FRA
flags-v7.gif
static.bab.la/img/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bab.la/img/flags-v7.gif
Requested by
Host: static.bab.la
URL: https://static.bab.la/css/basic.css?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18548ee415ddcdf89c1d2c033cb8dc8d812e599a1a95fb7f34871d91a74d39c

Request headers

Referer
https://static.bab.la/css/basic.css?v=1628170878
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
cf-cache-status
BYPASS
last-modified
Mon, 10 May 2021 08:10:14 GMT
server
cloudflare
etag
"9b92-5c1f54ea58d2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBmvBeZd3qmSXEtJ6JSWG3HMxAxRq7CIgUPslyFB7qp9KAmca9LKRwvASrWAQtKbQAjT%2B6ITUd%2B1aNcUPoc1UJ%2BvKCMDUKWWGajkMfKe253kEFSRb6fWAwJoa%2FifO%2BDhTNWclOM75tuWqRk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6875e9b0be03dfef-FRA
content-length
39826
exchange.svg
static.bab.la/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bab.la/img/exchange.svg
Requested by
Host: static.bab.la
URL: https://static.bab.la/css/basic.css?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5917fad36a8737b6aadd461a6c9c4052244472f68f7de691c8cfffce6651fd

Request headers

Referer
https://static.bab.la/css/basic.css?v=1628170878
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 10 May 2021 08:10:14 GMT
server
cloudflare
etag
W/"61c-5c1f54ea57d8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cG5HfUv4USVTEzb50Bm%2B9Zpigb%2FCHctWaHH2SDyjpuf%2FtGl6SEBpUPlI%2FbUi9wXEt6cvFIEepz1G2hZLgA7g4cf6%2F9k1nQhscJdUBsAVltmkPfuNWKaxr1hoAG9hDbkOuhllMaqIrmJkQek%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6875e9b0be04dfef-FRA
collect
stats.g.doubleclick.net/j/ 		1 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-149407836-1&cid=467946044.1630409280&jid=321928334&gjid=97062496&_gid=1987344879.1630409280&_u=YGBAgAABAAAAAE~&z=797394291
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 31 Aug 2021 11:28:00 GMT
content-type
text/plain
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=652124566&t=pageview&_s=1&dl=https%3A%2F%2Fwww.babla.vn%2F&ul=en-us&de=UTF-8&dt=T%E1%BB%AB%20%C4%91i%E1%BB%83n%20online%20c%E1%BB%A7a%20bab.la%20-%20c%E1%BB%99ng%20%C4%91%E1%BB%93ng%20y%C3%AAu%20ng%C3%B4n%20ng%E1%BB%AF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=321928334&gjid=97062496&cid=467946044.1630409280&tid=UA-149407836-1&_gid=1987344879.1630409280&cd1=languages&cd2=index&z=1744053208
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 02:20:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
n2m31w97A4Y
www.youtube.com/embed/ Frame 3540 		55 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/n2m31w97A4Y
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5adeda14420c23ed1adffabf5c4e900e4d91aae258613f6e178afdddf328f81e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/n2m31w97A4Y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 31 Aug 2021 11:28:00 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime
2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=VmA76pLvbKY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Tn7QsB26WYU; Domain=.youtube.com; Expires=Sun, 27-Feb-2022 11:28:00 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+956; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hotjar-1695067.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1695067.js?sv=6
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
63906a87b384e8116d64107cd09d85cff696ea6ff425449f66703bc2a823046b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
48
etag
W/0ec1f1d19d980c293aa472980b24bca7
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA56-P2
content-length
1896
via
1.1 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront)
x-amz-cf-id
sVme19IQQvCsVbYkGyWFym2XqE4z7_BcDTxv-5CC3ffQl3uiiV0isA==
teaser-hangman.jpg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/teaser-hangman.jpg
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.92.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8a3daa73d43573ccfda4487c997b7beded0c201a4ea2166dced366fa0397fd19

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:01 GMT
Last-Modified
Thu, 27 May 2021 09:29:26 GMT
Server
AmazonS3
x-amz-request-id
Z4Y22XRKNS231SZE
ETag
"525bdb19a1263e8cc00f2511e5e886fb"
x-amz-version-id
LUHqFzd00vvkYVooG9fQ_BEWdzOTKosT
Cache-Control
max-age=86400,public
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4788
x-amz-id-2
nzGNRJyukwTseOfSxWrp2tZSq2/k6hFaRT7/JAMyGaYTLGG3ZGEKP6R+SdLkycNpnKb2kLuxFFA=
teaser-conjugations.jpg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/teaser-conjugations.jpg
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.92.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fde4430ecdd92d7a0a565d5116726168db33892a9330d64b4c6b850e459c71c9

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:01 GMT
Last-Modified
Thu, 27 May 2021 09:29:26 GMT
Server
AmazonS3
x-amz-request-id
Z4YFFTEMH6QBEEDS
ETag
"54a23b459bc701a9e2882903ac06db2f"
x-amz-version-id
l4mJKPPZXgQVrPFMpaOSYVTOwGXjj2pe
Cache-Control
max-age=86400,public
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
6619
x-amz-id-2
sOND38PgGHH5C0xWFEmwfAMvKYRfmQIX2D7Gyjg6VMbJxbGZhtyrR14ioBlB3MFTN7XHmI/NkaE=
teaser-company.jpg
s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/com.idmgroup.lab.images.prod/img/teasers/teaser-company.jpg
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.92.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6cd5a659a5752962df95614f110e81dcaa701b3f0cad5ab69629fe04771bd605

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:01 GMT
Last-Modified
Thu, 27 May 2021 09:29:26 GMT
Server
AmazonS3
x-amz-request-id
Z4YAN6W3TVJXF45S
ETag
"edf14a805f7db4f6b8976f8a47d4e3fb"
x-amz-version-id
ZyCoqnt6Awo916CSvJodr10PbZSCOTXL
Cache-Control
max-age=86400,public
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
10269
x-amz-id-2
Bsd+Hay3zSHfgYXm5cryj+DvkWlIVaVwJz3pU47jUqJKrPvIX/PppSfX2FnHyr71uIb8/+i3xn0=
pubads_impl_2021083001.js
securepubads.g.doubleclick.net/gpt/ 		333 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
46ac864eaef04f0b4124dd8bda16a352d8287c4a9a8fa66bba86f5def26b3037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 08:40:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119248
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:28:00 GMT
www-player-webp.css
www.youtube.com/s/player/c29c59cf/ Frame 3540 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/n2m31w97A4Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e68989f82549929bc73187be7a746aa6e76da689496596eea814bd740846a92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/n2m31w97A4Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
78706
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46223
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:36:14 GMT
www-embed-player.js
www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/ Frame 3540 		194 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/n2m31w97A4Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df15cf4481e505bc8c584dd98860101d285ddf9c0f3ce05f5f650b54cd81335a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/n2m31w97A4Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
78706
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65420
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:36:14 GMT
base.js
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 3540 		2 MB
499 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/n2m31w97A4Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bf5690bfc2df1a7da94594930825059f27949af60ec76b44b404e68d70b6806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/n2m31w97A4Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
78685
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
510544
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:36:35 GMT
fetch-polyfill.js
www.youtube.com/s/player/c29c59cf/fetch-polyfill.vflset/ Frame 3540 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/n2m31w97A4Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/n2m31w97A4Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
78706
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:36:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3540 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/n2m31w97A4Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 18:18:02 GMT
x-content-type-options
nosniff
age
580198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:18:02 GMT
modules.189ddfe225c89657c20d.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.189ddfe225c89657c20d.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1695067.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-105.zrh50.r.cloudfront.net
Software
/
Resource Hash
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 08:57:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
354655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59569
access-control-allow-origin
*
last-modified
Fri, 27 Aug 2021 08:56:36 GMT
etag
"00ab92e1048f75ffd0466b24cae7a3f0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
tVp3QCJWx2dKkazcU7kZi0e3A031OetxEOZp9ydKHLXm2gpfe1P_9w==
f18c027f-eefb-48c2-b89a-f013e1828e06
boot.pbstck.com/v1/tag/ 		1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://boot.pbstck.com/v1/tag/f18c027f-eefb-48c2-b89a-f013e1828e06
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/iaw-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c777adaf791edc66b0b5977e73a42bc4eb0ca552ca03c7af2174f122b8625a3

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
private,max-age=120
cf-ray
6875e9b22e76d729-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
tag
btloader.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5750296052498432&upapi=true
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/iaw-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ded7cde584b8ec1d4c94c3e5f72453a16688fca601f4247946b68013aee977

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray
6875e9b21e4a4eb0-FRA
date
Tue, 31 Aug 2021 11:28:00 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2973
etag
W/"3d8d9b98f71fbd19e96083029117ec66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRpASbo0b5dg2LwIk%2FsJ9u2zTg3wZoxt2QrIlRCNe2iqEze0upWUgOq2F6hhq7jhkmZHzhrWYtZ3Lvs3HZTqsD9JluQF4dhHf5sb69z%2Feyq8lbBWWpPhuC775dKejxL62HbuCT1wWanwbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
content-encoding
br
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.babla.vn%2F&domain=www.babla.vn&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.babla.vn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.babla.vn
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1792
date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.babla.vn%2F&domain=www.babla.vn&cw=1
  • https://mug.criteo.com/sid?cpp=kn6wn3xMOVV0SWxsN0lxV3JnSG9GQ2VUNUUxNy9hRE8zc0V0ZjJjTkQwSEF6ai81dFpHZXlaMktEdjRRaGQwSkM3UFNOU2NHemJSUFFjNHBWYVFFQy94SCtHNGdtVmdFazE5RklsZTg2RzhwclNHODRJdEYwem9sOGQwZm...
347 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kn6wn3xMOVV0SWxsN0lxV3JnSG9GQ2VUNUUxNy9hRE8zc0V0ZjJjTkQwSEF6ai81dFpHZXlaMktEdjRRaGQwSkM3UFNOU2NHemJSUFFjNHBWYVFFQy94SCtHNGdtVmdFazE5RklsZTg2RzhwclNHODRJdEYwem9sOGQwZmptZ0cxZTRPTVB6YjYrenVZbGxQOStIT2MzczZLczY0ZmhpOVE2dDIyNmZVSW9NSWRxbC9BREdDUkg0UnF1TVFOVFFNc3I0UVZLOXI1Y2VOUjNncjIrM3pDMmt4UXpHQ3BLdlZtTXdiMFREVXZoWmFiZlpvPXw&cppv=2
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e87a6143b6d7c1c84b132ec34682c36bbfb92be274b63a8bf2486d553675a5e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 31 Aug 2021 11:28:01 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3042
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 31 Aug 2021 11:27:59 GMT
location
https://mug.criteo.com/sid?cpp=kn6wn3xMOVV0SWxsN0lxV3JnSG9GQ2VUNUUxNy9hRE8zc0V0ZjJjTkQwSEF6ai81dFpHZXlaMktEdjRRaGQwSkM3UFNOU2NHemJSUFFjNHBWYVFFQy94SCtHNGdtVmdFazE5RklsZTg2RzhwclNHODRJdEYwem9sOGQwZmptZ0cxZTRPTVB6YjYrenVZbGxQOStIT2MzczZLczY0ZmhpOVE2dDIyNmZVSW9NSWRxbC9BREdDUkg0UnF1TVFOVFFNc3I0UVZLOXI1Y2VOUjNncjIrM3pDMmt4UXpHQ3BLdlZtTXdiMFREVXZoWmFiZlpvPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2256
content-length
482
expires
0
/
prebid.smilewanted.com/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.babla.vn
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQt3ifGFVjWzij2bgvr7%2BguWNB%2F9CCiAvKv3cCt%2BiOva4LtTdWBHnyMq2M0kavpy9HTGbnK50A88CajEbDQgCjBriT3aNgcLLH0GVssAmc2WtG9IKe9LP0S5%2BCtCaj1tOAPYbYaofTw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6875e9b289c34069-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.babla.vn
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZuInBHsHtzlJleV1BGQ9tXyr8L7NGFsZWaiXUQ3oHZ7KgD%2BYO89QIhABfocT8VAcx4dAiZCM0U3UXdG5Fl2kMQ1j0H6fwd%2B7fXq8AWHj%2FQ9EgT4sZh5r0KC0Sey4E5qI2pilWEvsKU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6875e9b289c74069-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.babla.vn
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FIUCLnSb%2FEfXB8wE3PDA%2F8Cz%2BhLIVULUZQDXnvevPr7IhRWWQVSCzW%2BAuwdo7eg1RkrMdXrTwQuVJkPGzgIZ1mbVxzF6REpXMVRbrrj2elkTDyrGgy%2Bqm9UOed0ijZZ%2BYpTWNdf2tE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6875e9b289c44069-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.babla.vn
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPSVymLXKdPESGb%2FE7uXh35ctxSwFuAD9dpMW5YPLa6YR3F3nrRpJ0hJ81FF%2BO5uYYEN8%2FZkhqjtvauHx4OYMciRpRmwQy%2BsZjbpmoXE2W2MaCrR8Nn%2FXXPo1ECkMDHKPey1Xuyy2js%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6875e9b289c54069-CDG
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cygnus
htlb.casalemedia.com/ 		24 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=421252&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226761b9845909fa%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.babla.vn%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%225.7.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227fc814e14cfd6e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22750x100%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22750x200%22%7D%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22950x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A980%2C%22h%22%3A120%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22980x120%22%7D%7D%2C%7B%22w%22%3A980%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22421252%22%2C%22sid%22%3A%22980x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2215a782b2a8738bc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22240x400%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22250x360%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22555371%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222138a45cdb5324e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22240x400%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A360%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22250x360%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22421251%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2227a7973aeabc924%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22421222%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22421222%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%7D%5D%7D
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.26.214 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-26-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7895d55d11894a333af4ff24b833a9bc7c380022ca4b3cc7a3d74516370da383

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.babla.vn
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Tue, 31 Aug 2021 11:28:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:00 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e4f2c5e4-c9fb-4cc2-a17c-2257215c0e3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.babla.vn
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a9694390178783c4ccf4165ed9f0295&cmd=bid&secure=1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
fe6c515919d58c3b22ea42d74ba7d858c0a10d2fd182832368e1ec51aeb27f2e

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 31 Aug 2021 11:28:00 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.babla.vn
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4704
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a9694390178783c4ccf41650d920279&cmd=bid&secure=1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
93ad1abfe8ffad1bb4d0ae19552722c495b6fa88e03b3521bbff9c02358c2a37

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 31 Aug 2021 11:28:00 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.babla.vn
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4693
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a9699e70178783c43f94165106d0245&cmd=bid&secure=1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
1caa4cad6f3186068b5c73697dc4ef7e3399afd207edfa2736664cb00aa3d77c

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 31 Aug 2021 11:28:00 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.babla.vn
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4693
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690ab01717182962182bb48d60005&pos=8a9699e70178783c43f941656fc20250&cmd=bid&secure=1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
fb7c9be8484cc6355410f5d0ce78bb928f5bdbf9d53f5c17d14d5236d0ca171c

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 31 Aug 2021 11:28:00 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.babla.vn
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4650
auction
tlx.3lift.com/header/ 		19 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.7.0&referrer=https%3A%2F%2Fwww.babla.vn%2F&tmax=1300
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.231.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:00 GMT
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.babla.vn
date
Tue, 31 Aug 2021 11:27:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:27:59 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:27:59 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:00 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:00 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:27:59 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:27:59 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:27:59 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
12215272,12215262,12215267,12215257
ad.yieldlab.net/yp/ 		2 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/yp/12215272,12215262,12215267,12215257?ts=1630409280350&json=true&ids=pubcid.org%3A6f7d6e95-251d-47ea-95a7-68b17ee21b43&pubref=https%3A%2F%2Fwww.babla.vn%2F
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:00 GMT
Content-Encoding
gzip
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa OUR IND COM NAV INT"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Language
en-US
Access-Control-Allow-Origin
https://www.babla.vn
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length
28
Expires
Mon, 30 Aug 2021 11:28:00 GMT
arj
idm-d.openx.net/w/1.0/ 		172 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idm-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.babla.vn%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4e54b5e4-dc19-4d64-9baf-d2f944a31efc%2C4e54b5e4-dc19-4d64-9baf-d2f944a31efc%2C3cf5ff47-7a28-49d2-86fb-34ca6e76f560%2C3cf5ff47-7a28-49d2-86fb-34ca6e76f560%2C01993b82-c6b5-4bbc-b09e-d039492c67cf%2C01993b82-c6b5-4bbc-b09e-d039492c67cf%2C43222d76-214a-44fd-8591-6ba948a6322d&nocache=1630409280351&pubcid=6f7d6e95-251d-47ea-95a7-68b17ee21b43&aus=728x90%2C750x100%2C750x200%2C950x90%2C970x250%2C970x90%2C980x120%2C980x90%7C728x90%2C750x100%2C750x200%2C950x90%2C970x250%2C970x90%2C980x120%2C980x90%7C120x600%2C160x600%2C240x400%2C250x360%2C300x250%2C300x600%7C120x600%2C160x600%2C240x400%2C250x360%2C300x250%2C300x600%7C120x600%2C160x600%2C240x400%2C250x360%2C300x250%2C300x600%7C120x600%2C160x600%2C240x400%2C250x360%2C300x250%2C300x600%7C300x250%2C336x280&divids=ad_topslot%2Cad_topslot%2Cad_leftslot%2Cad_leftslot%2Cad_rightslot%2Cad_rightslot%2Cad_btmslot&aucs=%2C%2C%2C%2C%2C%2C&auid=540874654%2C541047364%2C541035810%2C541047358%2C540874653%2C541047363%2C540874649
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
43527f0e5e74b8a3df9406da7a764a554feb616ecb9eb2fde1c3f5bc1869a0ad

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.babla.vn
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		272 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1444176&size_id=2&alt_size_ids=31%2C39%2C40%2C55%2C57&p_pos=atf&eid_pubcid.org=6f7d6e95-251d-47ea-95a7-68b17ee21b43%5E1&rf=https%3A%2F%2Fwww.babla.vn%2F&tk_flint=pbjs_lite_v5.7.0&x_source.tid=4e54b5e4-dc19-4d64-9baf-d2f944a31efc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9665621577804715
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6b849f9654594434de6b8810a466fa1416a0365ced3a87ce4cacf3ac77d3729e

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:00 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.babla.vn
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
272
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		271 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1657660&size_id=15&alt_size_ids=9%2C8%2C10%2C17%2C32&p_pos=atf&eid_pubcid.org=6f7d6e95-251d-47ea-95a7-68b17ee21b43%5E1&rf=https%3A%2F%2Fwww.babla.vn%2F&tk_flint=pbjs_lite_v5.7.0&x_source.tid=3cf5ff47-7a28-49d2-86fb-34ca6e76f560&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7790894835658597
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
746fc1b05a2c56a5b7bf5fd546e3ca1219193d1ae7e932aa912a4ee2a10b955d

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:00 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.babla.vn
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
271
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		271 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1444174&size_id=15&alt_size_ids=9%2C8%2C10%2C17%2C32&p_pos=atf&eid_pubcid.org=6f7d6e95-251d-47ea-95a7-68b17ee21b43%5E1&rf=https%3A%2F%2Fwww.babla.vn%2F&tk_flint=pbjs_lite_v5.7.0&x_source.tid=01993b82-c6b5-4bbc-b09e-d039492c67cf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9838170762404927
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ef3f50c81f0e7c17cda9d1bbe286c9a6c0316e959d142071b608649662b8abb6

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:00 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.babla.vn
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
271
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17282&site_id=287402&zone_id=1444168&size_id=15&alt_size_ids=16&p_pos=btf&eid_pubcid.org=6f7d6e95-251d-47ea-95a7-68b17ee21b43%5E1&rf=https%3A%2F%2Fwww.babla.vn%2F&tk_flint=pbjs_lite_v5.7.0&x_source.tid=43222d76-214a-44fd-8591-6ba948a6322d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5859373404362325
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f161de538db293cd811def4d0bcac5762835d2502e53a1f5c86f45e4724c6a85

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:00 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.babla.vn
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.7.0&cb=54998420315
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 11:27:59 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.babla.vn
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
id
googleads.g.doubleclick.net/pagead/ Frame 3540
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/n2m31w97A4Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
235fc676dc26ad1d957bab31ab407ac27b8bce5be5c18451cc83bca595398a1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 31 Aug 2021 11:28:00 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 3540 		29 B
112 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:27:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
2
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:42:58 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 8970 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1695067.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
T2CVj1_xg5GH7GJeHGYwqMmICmraSRt9ZRhlBMNVwwyAEnjCKNPhlw==
age
3841890
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kn6wn3xMOVV0SWxsN0lxV3JnSG9GQ2VUNUUxNy9hRE8zc0V0ZjJjTkQwSEF6ai81dFpHZXlaMktEdjRRaGQwSkM3UFNOU2NHemJSUFFjNHBWYVFFQy94SCtHNGdtVmdFazE5RklsZTg2RzhwclNHODRJdEYwem9sOGQwZmptZ0cxZTRPTVB6YjYrenVZbGxQOStIT2MzczZLczY0ZmhpOVE2dDIyNmZVSW9NSWRxbC9BREdDUkg0UnF1TVFOVFFNc3I0UVZLOXI1Y2VOUjNncjIrM3pDMmt4UXpHQ3BLdlZtTXdiMFREVXZoWmFiZlpvPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1031
date
Tue, 31 Aug 2021 11:27:59 GMT
content-encoding
gzip
vary
Accept-Encoding
remote.js
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 3540 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d011fec891e4e7af8c7901fd7c25f7831bfc0d931b6ac9754c1b214ab2ab39bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/n2m31w97A4Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
78684
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29767
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:36:36 GMT
TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js
www.google.com/js/th/ Frame 3540 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df1680766bbc95546136b461b0e752cc113d9b7d54602443df92181e63f42fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 05:16:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
540708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13387
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 09:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 05:16:12 GMT
embed.js
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 3540 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
937feed71ffd28d1ec7d206fb85a997faa808ea562dbdace67adb4f2e6f2cd12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/n2m31w97A4Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
78684
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7277
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:36:36 GMT
truncated
/ Frame 3540 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSajIdz5aOWiTiBnNNOKL5lr5GIEYvGygNvpqO6KE8=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3540 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLSajIdz5aOWiTiBnNNOKL5lr5GIEYvGygNvpqO6KE8=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/n2m31w97A4Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b473636cb1c10eee2ec98ad0ce8493fc7dca9259d2ff6d0669495f98e1f5d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:24:32 GMT
x-content-type-options
nosniff
age
208
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3050
x-xss-protection
0
server
fife
etag
"v684d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 25 Aug 2021 13:44:52 GMT
sddefault.jpg
i.ytimg.com/vi/n2m31w97A4Y/ Frame 3540 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/n2m31w97A4Y/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/n2m31w97A4Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70a15aee8a3698f81baef5bb3ddad28c50bfa696c2906597df112b9874a0907c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:20:46 GMT
x-content-type-options
nosniff
server
sffe
age
434
etag
"1612069653"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44172
x-xss-protection
0
expires
Tue, 31 Aug 2021 13:20:46 GMT
l
api.btloader.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.btloader.com/l?event=unknownDomain&org=5750296052498432&domain=babla.vn
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
via
1.1 google
alt-svc
clear
vary
Origin
monitoring-b9c1383.js
cdn.pbstck.com/ 		177 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pbstck.com/monitoring-b9c1383.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/f18c027f-eefb-48c2-b89a-f013e1828e06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016c1ffade85a4283b2422ea6a8efea381e3f590b61ece9a0edb3b86ec5273c4

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
br
cf-cache-status
HIT
age
337200
x-guploader-uploadid
ADPycdtUrd5oYEW9PkbPH7JH-19cp86Duvrq21TaQwmmIOha8GDp4UDm_bsbnTcOKlcdeqJ_3UxX0crnrncWzcTG-Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 27 Aug 2021 13:32:43 GMT
server
cloudflare
etag
W/"a29f8b294d9d2031a0b70bea249f56f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=2Rsqzw==, md5=op+LKU2dIDGgtwvqJJ9W8g==
x-goog-generation
1630071163851564
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
49940
cf-ray
6875e9b3baba4a7a-FRA
expires
Fri, 03 Sep 2021 13:32:49 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.babla.vn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.babla.vn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4072898523919555&correlator=403872531729164&output=ldjh&impl=fifs&eid=31062435%2C21068031%2C31062351%2C31062297&vrg=2021083001&ptt=17&sc=1&sfv=1-0-38&ecs=20210831&iu_parts=23202586%2Cbabla_topslot%2Cbabla_leftslot%2Cbabla_rightslot%2Cbabla_btmslot&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C750x100%7C750x200%7C950x90%7C970x250%7C970x90%7C980x120%7C980x90%2C120x600%7C160x600%7C240x400%7C250x360%7C300x250%7C300x600%2C120x600%7C160x600%7C240x400%7C250x360%7C300x250%7C300x600%2C300x250%7C336x280&prev_scp=vp%3Dtop%26hp%3Dcenter%26sri%3D0%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.05%26hb_adid%3D83ee905d39e403d%26hb_bidder%3Donemobile%7Cvp%3Dtop%26hp%3Dleft%26sri%3D0%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.05%26hb_adid%3D8200a75ccb319f6%26hb_bidder%3Donemobile%7Cvp%3Dtop%26hp%3Dright%26sri%3D0%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.05%26hb_adid%3D8017fa98d0ca4e6%26hb_bidder%3Donemobile%7Cvp%3Dbtm%26hp%3Dcenter%26sri%3D0%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.05%26hb_adid%3D8172c5392cd720f%26hb_bidder%3Donemobile&eri=5&cust_params=babla_l%3Dvi%26babla_pc%3Dhome%26sfr%3Dlab_home%26up_recovery%3Dfalse%26excl_cat%3Dgpw%252Cwprod&cookie_enabled=1&bc=31&abxe=1&dt=1630409280606&dlt=1630409279944&idt=291&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C55%2C1245%2C650&adys=321%2C331%2C331%2C926&adks=4024796587%2C2437791816%2C1114375296%2C3620166985&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&flash=0&url=https%3A%2F%2Fwww.babla.vn%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x0%7C300x0%7C300x0&msz=728x0%7C300x0%7C300x0%7C300x0&ga_vid=467946044.1630409280&ga_sid=1630409281&ga_hid=652124566&ga_fc=false&fws=4%2C4%2C4%2C4&ohw=1600%2C315%2C1600%2C1600&btvi=0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
74178e1a5dc38b27a5d99e30aec45716e84eeec3c1d9d09880cd561d971c6bfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.babla.vn
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
478c6b20ac91837adad39a855377bafa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 429A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://478c6b20ac91837adad39a855377bafa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
478c6b20ac91837adad39a855377bafa.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Tue, 31 Aug 2021 11:28:00 GMT
expires
Wed, 31 Aug 2022 11:28:00 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3540 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:28:00 GMT
generate_204
www.youtube.com/ Frame 3540 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?-fvS0Q
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/n2m31w97A4Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021083001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
493334506fd76f366faf03e8055c209166bbccd57abf96b3d18f9539101f4795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Aug 2021 11:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8488
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:28:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C93F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 31 Aug 2021 09:55:29 GMT
expires
Wed, 31 Aug 2022 09:55:29 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5552
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5B95 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
af056eeeef73f8da4e4d87b76bfe80b62a5a04607a8dd7717c9cbeea61cb42a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-grfj2dGOjvCylQ1cNOxvDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

expires
Tue, 31 Aug 2021 11:28:01 GMT
date
Tue, 31 Aug 2021 11:28:01 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-grfj2dGOjvCylQ1cNOxvDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js
pagead2.googlesyndication.com/bg/ Frame C93F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 29 Aug 2021 13:19:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
166129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13381
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Aug 2022 13:19:12 GMT
auction
intake.pbstck.com/v1/intake/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=fa44a47f&tId=f18c027f-eefb-48c2-b89a-f013e1828e06&c=4&ctr=DE
Requested by
Host: www.babla.vn
URL: https://www.babla.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 31 Aug 2021 11:28:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6875e9b7ba2e4a7a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021083001&jk=4072898523919555&bg=!JCelJ2PNAAZOkH6FTpA7ACkAdvg8WkSZ48cPCH2RJDQ-O66B_w6Ezen4ovgcnZE2ePdQlGlQ647QJgIAAABcUgAAAAtoAQcKAMjgNnxJgdfcIyE45Gif_EV-N4QRcQV2zeLOZLI8BfsIIvAiG5Pd-riZulMXUHjrhrZvYHW1hXO5vMmz8_mZW8mRuRxnBrduz1McKvHSO8JEJbdPIzNYTpZ9tJIsQS0qyNelA8JBA13ALaBl8lM7WWeENzlmXPpmyQ6HltaNelOZbDisMZoY-akjbpQsRRcSuzRLevgLylm0EaB1woz4K5zxyE5_yvzt9Av3XxCSDs0dX5IHECDbPRaHpu2TbxTHYLRwf_yIN68EkJkCb8KQjecDOaAdPlyL-f094SGc9QvdRTbZkQVrezSau52Fb8_fEe30MtmaEbLhwzas1rA_SVJ7t6nr8gC0pAa9EBoHk030UgrP7kAqxWWOArxJK-yVDRIYmFlXDYLfMYJUTNsBozHa3wjIn2kHqDPGGRxU0Jn2ZL8OOqJSsYeZoN0pTfJjTnr6MAte7u2Pi5BKQL3bDwlF4gAYmmnTyk1_cpltUwa1dBMaM3I6O4aUzYABBWZth22NAmgUjgPz0KLQb3QKoS1WuAub5YgSh-hFWjQHnd2SZQDRcU1xyC4XGuy3R-G3qPyMig1BqqyrmvXrH02iyiNZwwlQAp4mEiyydRnwzxtRVXRlk-fWyfngGZljnIupx2EZNWWzswai57UrRP2T3n_pQQZ0v9jltz794hQCEet9BhNmUsMdlJTD180BaiRNUdKZxTimYB0PZY7sjLQacXJzZBbPVGp4KrqbCKZvLqP5KfGURMfxSQhuIV7fFamZhfirydVGl_UepVZ3FMLsndUZjWDCVsOQ4hRcz9ke8nR7aDxncnAyVn_C2PJcCWAm_lfVfDgr0myNowO-Fx8OViFG0fugxS4EQ1_VS1sbS854jl9_4uIWm5gdrVO3dCx-KIs5_THTrA3AKVXW4Az5U2zm-oNlQVPOmd9f5NnbObou0o_2OZI5STCWjJo0PRdkcbFK3-iGR2l3CK-3L2Y74-eue_8bOTmqXbzY3hXyAi26xWZtF4idMLiG-AXn5ONS_8xAEnCU4_U_8-VdPtOec1AlzlR-I4jwlR7FjYVkKjMt5MiNWjXJF6w7TxRMoZGV-oACqNFRFr741TC6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
publishertag.prebid.105.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.105.js
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:01 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 11:00:30 GMT
server
nginx
etag
W/"6034e04e-14008"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 01 Sep 2021 11:28:01 GMT
syncframe
gum.criteo.com/ Frame 0528 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.babla.vn
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.babla.vn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1903
set-cookie
uid=3adbae6c-920d-409c-8699-2ef400e661a3; expires=Sun, 25 Sep 2022 11:28:01 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Tue, 31 Aug 2021 11:28:01 GMT
content-length
4664
publishertag.prebid.js
static.criteo.net/js/ld/ 		84 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:01 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 15:58:00 GMT
server
nginx
etag
W/"61154508-14e39"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 01 Sep 2021 11:28:01 GMT
sid
mug.criteo.com/ Frame 0528
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=babla.vn&sn=ChromeSyncframe&so=1&topUrl=www.babla.vn&bundle=FWkE4191STdjY1hIJTJGTDdHUkpBc3VMZzN1M3p0SW5Bek00N0FoRG13emNadFRWeXlXaWZoaiUyQk...
  • https://mug.criteo.com/sid?cpp=tLBUpnxqYXIyQWZWNHZwQ2hvUlFnWmpMMVd5U0dMNGZIZTE1S3RNeHMyUGVVc3ovRnFJVm14eWpVbFFxd2k3NEN1YXJyWWFEU3JzOXB5ekE5eUFDbVN1TjhUM0tvR1ZBSUphYXlEQVk1bUd3NGtaWEFBaTRNYitJWHZDMz...
425 B
613 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tLBUpnxqYXIyQWZWNHZwQ2hvUlFnWmpMMVd5U0dMNGZIZTE1S3RNeHMyUGVVc3ovRnFJVm14eWpVbFFxd2k3NEN1YXJyWWFEU3JzOXB5ekE5eUFDbVN1TjhUM0tvR1ZBSUphYXlEQVk1bUd3NGtaWEFBaTRNYitJWHZDMzdDMVFTbC9mR3haVExha2c5anArRFRiVERBNTJEWVJVNVRwTUlTWDFRNUp5ZkJMaCs3bGpLLzA2c0FLRGhlNk1Jb2VpQklBd1l5RitCTktFUGFTZVMwODgyeDNkNTl2WjVvTTJNdkhtUllBUmFMU2JlUWNpTGJ3RzhwVDNaYis0NUN0VE9EK2Zvc0FLazRwZHVZRUtyNW1Leko3WWhYQT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
45c24c5cede616689c444265ec162fc2374eeee8634a29bd744ec9bf0d7ab6b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 31 Aug 2021 11:28:01 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2600
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 31 Aug 2021 11:28:01 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=tLBUpnxqYXIyQWZWNHZwQ2hvUlFnWmpMMVd5U0dMNGZIZTE1S3RNeHMyUGVVc3ovRnFJVm14eWpVbFFxd2k3NEN1YXJyWWFEU3JzOXB5ekE5eUFDbVN1TjhUM0tvR1ZBSUphYXlEQVk1bUd3NGtaWEFBaTRNYitJWHZDMzdDMVFTbC9mR3haVExha2c5anArRFRiVERBNTJEWVJVNVRwTUlTWDFRNUp5ZkJMaCs3bGpLLzA2c0FLRGhlNk1Jb2VpQklBd1l5RitCTktFUGFTZVMwODgyeDNkNTl2WjVvTTJNdkhtUllBUmFMU2JlUWNpTGJ3RzhwVDNaYis0NUN0VE9EK2Zvc0FLazRwZHVZRUtyNW1Leko3WWhYQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1856
content-length
541
expires
0
log_event
www.youtube.com/youtubei/v1/ Frame 3540 		28 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/n2m31w97A4Y
X-YouTube-Client-Version
1.20210829.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtUbjdRc0IyNldZVSjApLiJBg%3D%3D
X-YouTube-Ad-Signals
dt=1630409280263&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C225&vis=1&wgl=true&ca_type=image&bid=ANyPxKp48_5PEgS4vIs_QtWCbfdZfWJbC46dzW3DZpRZCmFJ30gZH7YaISWUsyKStu8Y3g8z3zsGBY71Vc9rLfDOyse4E69rqA

Response headers

date
Tue, 31 Aug 2021 11:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 31 Aug 2021 11:28:02 GMT
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=uarus31&fmt=json
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
08fe5cb57ce9abb1fdcbef982be9023147eb283b35a89539acb737d9ee608cf8

Request headers

Referer
https://www.babla.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.babla.vn
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 30 Sep 2021 11:28:03 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4316 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.babla.vn/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 31 Aug 2021 11:28:03 GMT
Age
24150
X-Served-By
cache-lga21936-LGA, cache-fra19137-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 222438
X-Timer
S1630409284.629411,VS0,VE0
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 44CE 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=158679
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=72101
expires
Wed, 01 Sep 2021 07:29:44 GMT
date
Tue, 31 Aug 2021 11:28:03 GMT
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 8176
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
f0a5f66269c8763763d24ff474632ecf1f60b976caa11490f83ac45ddf273256

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=4644789755262209631
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
content-type
text/html; charset=utf-8
content-length
478
set-cookie
sync=CgoIgQIQgLHd37kvCgoIkQIQgLHd37kvCgoI4gEQgLHd37kvCgoIkgIQgLHd37kvCgoI5gEQgLHd37kvCgoIhwIQgLHd37kvCgkIOhCAsd3fuS8KCQgLEICx3d-5LwoJCF8QgLHd37kvCgkIHxCAsd3fuS8=; Max-Age=7776000; Expires=Mon, 29 Nov 2021 11:28:03 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=4644789755262209631; Max-Age=7776000; Expires=Mon, 29 Nov 2021 11:28:03 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 31 Aug 2021 11:28:03 GMT
content-length
0
set-cookie
tluid=4644789755262209631; Max-Age=7776000; Expires=Mon, 29 Nov 2021 11:28:03 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
csync.smilewanted.com/ Frame 2486 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f075e20a85d2f347a2ebb2b83f635a09c1d6168c85a4dccab40e04108b75a3

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99hBw8gA5NGvGnWh9LSItX%2BQjsLAYfOG7rF18w30EW8skVXIYT9P6PoNWHUAvCsWcSO9nVPaCYRKVhzg0WnpImIu%2FpEfclzbs4RWomHRpOEgx2QiRizzmY6mjsBOyAnudEzkefkKMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9c6be6e4069-CDG
content-encoding
br
usync.html
eus.rubiconproject.com/ Frame ED7E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.babla.vn/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Aug 2021 11:28:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame B157
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
668 B
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
e7db92828c0de754ce612ce2247fb8721b6999d19148d54ce8370370b03083dc

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.babla.vn/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=108824fc-1c4d-0df5-38f9-0786c7fb15a1|1630409283
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=108824fc-1c4d-0df5-38f9-0786c7fb15a1|1630409283; Version=1; Expires=Wed, 31-Aug-2022 11:28:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630409283|gekin0vNiygu; Version=1; Expires=Wed, 15-Sep-2021 11:28:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 31 Aug 2021 11:28:03 GMT
content-type
text/html
content-length
416
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

set-cookie
i=108824fc-1c4d-0df5-38f9-0786c7fb15a1|1630409283; Version=1; Expires=Wed, 31-Aug-2022 11:28:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
date
Tue, 31 Aug 2021 11:28:03 GMT
content-length
0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ixmatch.html
js-sec.indexww.com/um/ Frame BB3D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: static.bab.la
URL: https://static.bab.la/js/vendor/pb-babla.min.js?v=1628170878
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.babla.vn/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.babla.vn/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 31 Aug 2021 11:28:03 GMT
Connection
keep-alive
PugMaster
image6.pubmatic.com/AdServer/ Frame 44CE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20485924&p=158679&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c1ef807b09e4274db60a8dac7f6d325a666dc703ba3385e8c295c235a655a75d

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1810
content-type
text/html; charset=UTF-8
bounce
ib.adnxs.com/ Frame 4316
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cb25cd05-4d71-467f-a65a-e7eace087e11
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:03 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
807262a8-6ebd-45e1-b3e5-3927c1b8026f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame ED7E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
feef2ee4f187231eac47ca50712161da853390f3d431cdb2668486919a3c7d43

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14886
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9358
Expires
Tue, 31 Aug 2021 15:36:09 GMT
match
c1.adform.net/serving/cookie/ Frame 796A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1
35 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 11:28:03 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8827229890763355002; expires=Sat, 30 Oct 2021 11:28:03 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Tue, 31 Aug 2021 11:28:03 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Thu, 30 Sep 2021 11:28:03 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2E1C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4479911125874688779
42 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4479911125874688779
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4479911125874688779
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1; chkChromeAb67Sec=1; DPSync3=1631577600%3A201_197_219%7C1630454400%3A174; SyncRTB3=1631577600%3A220_21_13_161_56_7; SPugT=1630409283; KRTBCOOKIE_27=16735-uid:d060612e-1243-4000-9d4c-b6416327a77d&KRTB&16736-uid:d060612e-1243-4000-9d4c-b6416327a77d&KRTB&23019-uid:d060612e-1243-4000-9d4c-b6416327a77d&KRTB&23114-uid:d060612e-1243-4000-9d4c-b6416327a77d; PugT=1630409283; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 31 Aug 2021 11:28:03 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-4479911125874688779; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 11:28:03 GMT; path=/ PugT=1630409283; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Sep-2021 11:28:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 29-Nov-2021 11:28:03 GMT; path=/
x-lat
lhrpug016:0:364
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4479911125874688779
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 44CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H1z3v6OGTY-4VlZbx4vPsQ%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=H1z3v6OGTY-4VlZbx4vPsQ%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=72101
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 01 Sep 2021 07:29:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 44CE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=47f5612e-1243-4b00-9ef0-056cadd72513
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=47f5612e-1243-4b00-9ef0-056cadd72513
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 11:28:03 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=47f5612e-1243-4b00-9ef0-056cadd72513
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 11:28:02 GMT
mw
mwzeom.zeotap.com/ Frame 44CE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=7eb53ffa-1db2-4e73-9059-7dcf39c08acd&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=557f12fe3a946432
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8f7213b0-505c-4e21-6565-68c2812c8fef&reqId=b2981db5-6547-4c22-4967-3c951b0fb352&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGkj3XvOXr7IA-fitu8hB88&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8f7213b0-505c-4e21-6565-68c2812c8fef&reqId=b2981db5-6547-4c22-4967-3c9...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGkj3XvOXr7IA-fitu8hB88&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8f7213b0-505c-4e21-6565-68c2812c8fef&reqId=b2981db5-6547-4c22-4967-3c951b0fb352&zcluid=557f12fe3a946432&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6875e9cadecc5369-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGkj3XvOXr7IA-fitu8hB88&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8f7213b0-505c-4e21-6565-68c2812c8fef&reqId=b2981db5-6547-4c22-4967-3c951b0fb352&zcluid=557f12fe3a946432&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 44CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUY1Q0Y3QkYtQTM4Ni00RDhGLUI4NTYtNTY1QkM3OEJDRkIx&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUY1Q0Y3QkYtQTM4Ni00RDhGLUI4NTYtNTY1QkM3OEJDRkIx&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:506
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 44CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEYHlMekKtgTAYF0GvtO5h0&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEYHlMekKtgTAYF0GvtO5h0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:2854
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEYHlMekKtgTAYF0GvtO5h0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 44CE 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 30 Aug 2021 11:28:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 44CE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7755732232632909883
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7755732232632909883
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:626
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7755732232632909883
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 44CE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d060612e-1243-4000-9d4c-b6416327a77d&gdpr=0&gdpr_consent=
42 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d060612e-1243-4000-9d4c-b6416327a77d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158679
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:363
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 31 Aug 2021 11:28:03 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d060612e-1243-4000-9d4c-b6416327a77d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 11:28:02 GMT
sd
eu-u.openx.net/w/1.0/ Frame B157
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=33fd612e-1243-4300-985f-1fec78baddb8
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=33fd612e-1243-4300-985f-1fec78baddb8
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 31 Aug 2021 11:28:03 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=33fd612e-1243-4300-985f-1fec78baddb8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 31 Aug 2021 11:28:02 GMT
sd
us-u.openx.net/w/1.0/ Frame B157
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=f1Ti9XhX5KNkBuOlcV39qHEG4fNkUej0cFRuyv8W
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=f1Ti9XhX5KNkBuOlcV39qHEG4fNkUej0cFRuyv8W
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=f1Ti9XhX5KNkBuOlcV39qHEG4fNkUej0cFRuyv8W
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B157
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1943750964246419725
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1943750964246419725
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1943750964246419725
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B157 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c3241ba5-b5ca-3202-622f-cf6ea3dc265c&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B157 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWY0YmM4NmYtN2NiZC02Y2E2LTc3Y2YtOTVkNzY5M2VlODNj
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B157
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0KbeeUlqPeNedNgi-XIZQ&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0KbeeUlqPeNedNgi-XIZQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e82f0d2f-844d-48b4-b914-3200df7a271e&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0KbeeUlqPeNedNgi-XIZQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame ED7E 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 2486 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2510148
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iq7qluorKs%2BIlOZkKkxFMExNw%2BwFimqqUXafQXPIdy9AK1NFfNir9ABuWzyVTVuEYwEEj5nXT4HZf4oEAtb7stXTcZLxzkidLPpLqBaKuRB7M8XkphyFzj0aSwzD5Jm7wLJVVSFMc2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6875e9c828ec4069-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F9AE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
31004696327300c743b14dd8bd5e5368839bc778f4b5d58c0f4906c58d5e01a9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YS4SQ97svH1SormronQjlgAA; CMPS=5182
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|190|31|195|8
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1758
Expires
Tue, 31 Aug 2021 11:28:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YS4SQ97svH1SormronQjlgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 11:28:04 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 11:28:04 GMT CMPRO=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 11:28:04 GMT CMRUM3=08612e124405a00&2d612e124405a0&1f612e124405a00&c3612e124405a00&27612e12440b40&be612e124405a0&e6612e12442760&f1612e124405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 11:28:04 GMT CMST=YS4SRGEuEkQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 11:28:04 GMT

Redirect headers

Server
Apache
Content-Length
335
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 31 Aug 2021 11:28:03 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:03 GMT
Connection
keep-alive
Set-Cookie
CMID=YS4SQ97svH1SormronQjlgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 11:28:03 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 11:28:03 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8176 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 8176
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOMVczwVsc7LpkH62IDG6Cg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOMVczwVsc7LpkH62IDG6Cg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOMVczwVsc7LpkH62IDG6Cg&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8176
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0NDc4OTc1NTI2MjIwOTYzMQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0NDc4OTc1NTI2MjIwOTYzMQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDY0NDc4OTc1NTI2MjIwOTYzMQ%3D%3D
date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 8176 		42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4644789755262209631&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:03 GMT
etag
"9d284f105d6fd71:0"
last-modified
Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref
Ref A: 69E0E18B91374844B3643F473707FA6A Ref B: FRAEDGE1406 Ref C: 2021-08-31T11:28:03Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 8176
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4644789755262209631?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-f6VGg7pE2oRFTRGmNXvOkZ8HDXEo6kxfKlImTNuQOA--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-f6VGg7pE2oRFTRGmNXvOkZ8HDXEo6kxfKlImTNuQOA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 31 Aug 2021 11:28:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-f6VGg7pE2oRFTRGmNXvOkZ8HDXEo6kxfKlImTNuQOA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 8176
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1892964107568595119&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1892964107568595119&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:03 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7ad0e7ec-816c-4e54-bb16-46920d396f76
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1892964107568595119&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 8176
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4644789755262209631
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4644789755262209631&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4644789755262209631&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0NJK0PN67K2DXH7GMCX1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4644789755262209631&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 8176
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 11:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 8176 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=4644789755262209631
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 8176 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=4644789755262209631
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
drop_cookie_sw.php
csync.smilewanted.com/ Frame 40A6 		0
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/drop_cookie_sw.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

date
Tue, 31 Aug 2021 11:28:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=8sdRREvsw7LjLys0YvGw8%2F8SwyZCQCC6ddSfqhetsUgYNUewYzfgqoArutI%2BCeCW%2F7PLeHGgUpwffmjjuRUgJwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6Z2Aj7gsbHwzQPhUEK0YrbA%3D%3D; expires=Wed, 31-Aug-2022 17:17:15 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dldr2hcu%2F6i8BqiLfNq93WcftfCIKWX9ZdRRUrhvKk8Qnx3MsOmmVEXWYxyNT0znopYK%2BbyN2hL7%2Bv5eX%2BcFf13L%2Fe0CB5Q9vo008gf8dLe6WIM8cQ62mH8HnlM6TpMQhFbG7bOcQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9c8da104069-CDG
content-encoding
br
6206213745645891746
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 2586
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/6206213745645891746
0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/6206213745645891746
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/smart/6206213745645891746
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sw_user_params_infos=fm4ecx8khqIlxm7Y2quHC8j5ol9q0GnJRfL0YlVOsQx%2Fy6rNxndaLH7QVeMckS9pfVXI2D6Xkq%2BZzbMGwjtXhkPR7tQwDpbBBcbnHve8tQkG86Q7HlocSskTI4T8Xgj51%2FC2rYhE4edcaXHHvlY7fdUsFlBW6lGvnaOl8OqOofVB4saDTsdUSFLHX4JZ%2FruWetr3nTIWbCbli%2FOiXarnRbS3LCHAifBQ%2FYtKc21mlV8lBcK5r7PsE5O0Nyco9FPPoZfccf%2FUtQ2A9FnLiElC9blQE2ez7oH%2BfgjhQMRJsmo%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

date
Tue, 31 Aug 2021 11:28:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=w6gnDnPkpfXEEmyk6ezQ1fYxp6cSajevB%2F7J%2F3pFWi5BMU1JoAnJ8pFdNsXvIoAY%2F71PFGtROZm90hxLdjsOyAvCbWk0bAloOT0zsyZFCpmMhhd47v9DdF6O633niiBEqyqPglGoeSnBhnB72QtoCtAf7aamfEVw128%2BlgIZ6ymbCHz8GKt%2FyGtQaqtO7h%2Fan3xIkYXuRzU%2F2W2KiiM9BeNG%2BAlfwugZKHp2JNDSkk%2BsTesdVkjWirLx3SulKD145VqA0jDt8iqJTBma2qIYWSAnUbCJc%2FX4xQrPMJ2jJbsRkZbAmhW9AmUNO22hFxRbQ7L6jgApOizxqNJZYkaD4g%3D%3D; expires=Wed, 31-Aug-2022 17:17:16 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbcpJ0CK70eq60O58lxRTVbf6QUlJYEjunnuHX7XwQhlg59frtXCskpIQ6iuwsI7iRip6qnBfNL7INUjOHtaU%2BidcbJCwqWel7KR4EsjxP4XAPIdmLekFl3OgdS624UenYD%2BYYS0tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9cb2eea4069-CDG
content-encoding
br

Redirect headers

date
Tue, 31 Aug 2021 11:28:04 GMT
content-length
0
cache-control
no-cache,no-store
pragma
no-cache
location
https://csync.smilewanted.com/set_partner_userid_get/smart/6206213745645891746
set-cookie
pid=6206213745645891746; expires=Fri, 30 Sep 2022 11:28:04 GMT; domain=.smartadserver.com; path=/; SameSite=None; secure pdomid=21; expires=Fri, 30 Sep 2022 11:28:04 GMT; domain=.smartadserver.com; path=/; SameSite=None; secure
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
c01ed9f7-1747-4670-bdce-cba9becc908a&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 08AF
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/c01ed9f7-1747-4670-bdce-cba9becc908a&partner_id=1010
0
948 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/c01ed9f7-1747-4670-bdce-cba9becc908a&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/improve/c01ed9f7-1747-4670-bdce-cba9becc908a&partner_id=1010
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sw_user_params_infos=8sdRREvsw7LjLys0YvGw8%2F8SwyZCQCC6ddSfqhetsUgYNUewYzfgqoArutI%2BCeCW%2F7PLeHGgUpwffmjjuRUgJwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6Z2Aj7gsbHwzQPhUEK0YrbA%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

date
Tue, 31 Aug 2021 11:28:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=9mOuhNzuBxDo11H8UPQ4GzBTG424qpa5H5qA4TB2pkUzMhGv9Xluqs8rWnTdTkNvEBOBzvOCwd7PV3oUC6ne24KyB9HG1JRS0Wvg6uwB3LDY09SaA%2Brrzvb4HA4YTnyJAqPa42zKUpvtO5bBSLOm2ntU9NvIMqA4KOc53p4HTdxqvJevMrwiWOT9pUjWyq8%2FaY8DLW2s7o3nVOobyWdb9An%2FICUSlSzgwm6lcUyT2Gg%3D; expires=Wed, 31-Aug-2022 17:17:16 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3r%2Bk6dO3NDkdeGG5py8ixpFfhj7rqzFt8JGXrpMjQ7K8yZLS2A8ThXvzGvrKYA8PJLf7JbgXlk5ZCIUrmGpVnIz2NF8GMtuAgIptjKGMUNlqNic9sV7SWvbGnRw8pcMNrLCo7UDkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9c98b7c4069-CDG
content-encoding
br

Redirect headers

date
Tue, 31 Aug 2021 11:28:04 GMT
content-type
text/plain
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/improve/c01ed9f7-1747-4670-bdce-cba9becc908a&partner_id=1010
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usermatchredir
ssum-sec.casalemedia.com/ Frame F9AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS4SQ97svH1SormronQjlgAABMMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEf66MwCxVy02abPtY17cCg&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEf66MwCxVy02abPtY17cCg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 31 Aug 2021 11:28:04 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEf66MwCxVy02abPtY17cCg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F9AE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS4SQ97svH1SormronQjlgAABMMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS4SQ97svH1SormronQjlgAABMMAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS4SQ97svH1SormronQjlgAABMMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZW9PGF24WEX318T8B672
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3KVM6CV6F917K4HXMSBX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS4SQ97svH1SormronQjlgAABMMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F9AE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS4SQ97svH1SormronQjlgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFnGX6qaLi_6prFdsM2GHc4&google_cver=1&gdpr=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFnGX6qaLi_6prFdsM2GHc4&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 11:28:04 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFnGX6qaLi_6prFdsM2GHc4&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F9AE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Aug 2021 11:28:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
ib.adnxs.com/ Frame F9AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
noop
px.owneriq.net/ Frame F9AE
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6836956851923524715&uid=Q6836956851923524715&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:05 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 31 Aug 2021 11:28:05 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame F9AE
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b65cc7-de2d-4562-a1a6-60a41cb5cb86
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b65cc7-de2d-4562-a1a6-60a41cb5cb86&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b65cc7-de2d-4562-a1a6-60a41cb5cb86&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 11:28:05 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d3b65cc7-de2d-4562-a1a6-60a41cb5cb86&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Tue, 31 Aug 2021 11:28:05 GMT
crum
dsum-sec.casalemedia.com/ Frame F9AE
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=55bd9ecf-9b9c-423c-a372-32598d90bd39&expiration=1661945284
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=55bd9ecf-9b9c-423c-a372-32598d90bd39&expiration=1661945284
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 11:28:04 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=55bd9ecf-9b9c-423c-a372-32598d90bd39&expiration=1661945284
date
Tue, 31 Aug 2021 11:28:04 GMT
server
Kestrel
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F9AE 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YS4SQ97svH1SormronQjlgAA%261219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.babla.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 11:28:05 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1955
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 31 Aug 2021 12:00:40 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame A8FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
pixel.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://csync.smilewanted.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Expires
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC71 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=158810&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES; KADUSERCOOKIE=1F5CF7BF-A386-4D8F-B856-565BC78BCFB1; chkChromeAb67Sec=1; DPSync3=1631577600%3A201_197_219%7C1630454400%3A174; SyncRTB3=1631577600%3A220_21_13_161_56_7; SPugT=1630409283; KRTBCOOKIE_27=16735-uid:d060612e-1243-4000-9d4c-b6416327a77d&KRTB&16736-uid:d060612e-1243-4000-9d4c-b6416327a77d&KRTB&23019-uid:d060612e-1243-4000-9d4c-b6416327a77d&KRTB&23114-uid:d060612e-1243-4000-9d4c-b6416327a77d; PugT=1630409283; PUBMDCID=3; KRTBCOOKIE_336=5844-4479911125874688779; KRTBCOOKIE_391=22924-7755732232632909883&KRTB&23263-7755732232632909883; KRTBCOOKIE_80=22987-CAESEEYHlMekKtgTAYF0GvtO5h0&KRTB&16514-CAESEEYHlMekKtgTAYF0GvtO5h0&KRTB&23025-CAESEEYHlMekKtgTAYF0GvtO5h0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=72100
expires
Wed, 01 Sep 2021 07:29:44 GMT
date
Tue, 31 Aug 2021 11:28:04 GMT
vary
Accept-Encoding
YS4SQ97svH1SormronQjlgAA%261219
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 2C86
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YS4SQ97svH1SormronQjlgAA%261219
0
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YS4SQ97svH1SormronQjlgAA%261219
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/indexexchange/YS4SQ97svH1SormronQjlgAA%261219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sw_user_params_infos=9mOuhNzuBxDo11H8UPQ4GzBTG424qpa5H5qA4TB2pkUzMhGv9Xluqs8rWnTdTkNvEBOBzvOCwd7PV3oUC6ne24KyB9HG1JRS0Wvg6uwB3LDY09SaA%2Brrzvb4HA4YTnyJAqPa42zKUpvtO5bBSLOm2ntU9NvIMqA4KOc53p4HTdxqvJevMrwiWOT9pUjWyq8%2FaY8DLW2s7o3nVOobyWdb9An%2FICUSlSzgwm6lcUyT2Gg%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

date
Tue, 31 Aug 2021 11:28:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=fm4ecx8khqIlxm7Y2quHC8j5ol9q0GnJRfL0YlVOsQx%2Fy6rNxndaLH7QVeMckS9pfVXI2D6Xkq%2BZzbMGwjtXhkPR7tQwDpbBBcbnHve8tQkG86Q7HlocSskTI4T8Xgj51%2FC2rYhE4edcaXHHvlY7fdUsFlBW6lGvnaOl8OqOofVB4saDTsdUSFLHX4JZ%2FruWetr3nTIWbCbli%2FOiXarnRbS3LCHAifBQ%2FYtKc21mlV8lBcK5r7PsE5O0Nyco9FPPoZfccf%2FUtQ2A9FnLiElC9blQE2ez7oH%2BfgjhQMRJsmo%3D; expires=Wed, 31-Aug-2022 17:17:16 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtLhc3YV6jzhlXTT5f3uC9lc0tkQqN%2BQ%2BpxYSIdesGRHD%2BBZ95VVdalWJMgsLqHMx8ZUYXLaZNPzEO6fjGREnTzNYs1xq5WNpWaYOCS%2F08c2Vbvwi6iJjz1iMZ8PHsKV2ntMjeMYRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9ca2cd34069-CDG
content-encoding
br

Redirect headers

Server
Apache
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YS4SQ97svH1SormronQjlgAA%261219
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 31 Aug 2021 11:28:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YS4SQ97svH1SormronQjlgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 31 Aug 2022 11:28:04 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 11:28:04 GMT CMPRO=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 29 Nov 2021 11:28:04 GMT
81cbf587-0a4e-11ec-9d25-175bad840306
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 61AA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=81cbf5da-0a4e-11ec-9d25-175bad840306
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/81cbf587-0a4e-11ec-9d25-175bad840306
0
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/81cbf587-0a4e-11ec-9d25-175bad840306
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/spotx/81cbf587-0a4e-11ec-9d25-175bad840306
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sw_user_params_infos=fm4ecx8khqIlxm7Y2quHC8j5ol9q0GnJRfL0YlVOsQx%2Fy6rNxndaLH7QVeMckS9pfVXI2D6Xkq%2BZzbMGwjtXhkPR7tQwDpbBBcbnHve8tQkG86Q7HlocSskTI4T8Xgj51%2FC2rYhE4edcaXHHvlY7fdUsFlBW6lGvnaOl8OqOofVB4saDTsdUSFLHX4JZ%2FruWetr3nTIWbCbli%2FOiXarnRbS3LCHAifBQ%2FYtKc21mlV8lBcK5r7PsE5O0Nyco9FPPoZfccf%2FUtQ2A9FnLiElC9blQE2ez7oH%2BfgjhQMRJsmo%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

date
Tue, 31 Aug 2021 11:28:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=3OtFRDj7kX5wQgLbyFurC1NU8L56gN9LOKVgvO8yBac1RQZvlBQd7uiUTbJ27%2B9qrwELJRNylDwZ%2FHchAx14MsEWVMN%2BTVe2vXEmAUAEey7rimlWwTH8GPdxaiEOtES6ONMXmOHCW6gGTRaUZTGVmtDQ8eHGmrbJpm2KiZ2XIb3Vn3YTCxfoj%2F5FNHpedBKYqcqiz0lYuz5OZgW2XPeuDgkbVR9xVtq7OapNcB5a3OFKbdZqlnecL2j5BYFq%2FUKbfw6w9aVScoAyDu%2BAYgUIrnhZTZXWSEGoiT8FdePTs%2FYcDaUe%2BH81MwXCuzUqrhC3S5i0EQo3TzUSTj2TsZwfpZlXeSyZEPMFuN2tiEVf%2FH8%3D; expires=Wed, 31-Aug-2022 17:17:16 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StdVOxrKI8fVG2ay9GZ9Yb1A7HO5DAJgKFxjNskAGh2AndOOn0sw4B91XHvMaBegONlicpn9yxGmbIZnsczjy4dzOYBqfnSi3Ri3UkOo4f5eKURdGuwXPN3ztbnTk9Qef9T38eYxcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9cb2ee74069-CDG
content-encoding
br

Redirect headers

Server
nginx
Date
Tue, 31 Aug 2021 11:28:04 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=81cbf587-0a4e-11ec-9d25-175bad840306; expires=Wed, 31-Aug-2022 12:34:44 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/81cbf587-0a4e-11ec-9d25-175bad840306
X-fe
138
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
1892964107568595119
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 847D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/1892964107568595119
0
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/1892964107568595119
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/appnexus/1892964107568595119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
sw_user_params_infos=fm4ecx8khqIlxm7Y2quHC8j5ol9q0GnJRfL0YlVOsQx%2Fy6rNxndaLH7QVeMckS9pfVXI2D6Xkq%2BZzbMGwjtXhkPR7tQwDpbBBcbnHve8tQkG86Q7HlocSskTI4T8Xgj51%2FC2rYhE4edcaXHHvlY7fdUsFlBW6lGvnaOl8OqOofVB4saDTsdUSFLHX4JZ%2FruWetr3nTIWbCbli%2FOiXarnRbS3LCHAifBQ%2FYtKc21mlV8lBcK5r7PsE5O0Nyco9FPPoZfccf%2FUtQ2A9FnLiElC9blQE2ez7oH%2BfgjhQMRJsmo%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

date
Tue, 31 Aug 2021 11:28:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
sw_user_params_infos=PqqP4fUCoBFO9z9NB8%2B2klSc1unY4pT5BW5SQJxk18djw6xtNcUuB1NYb%2FYKq7GeJv1xKIVOsDNh7NkXFOlEpKAvvmhB83BCbTL%2FOdA1LvDo%2BDiSoqO32vI1PauCpsEK%2FrRmJQ43BgNV2KT8fUYBtKcbHh3ShM7TDZWeI%2FEAnVC4IRNsqdGSL0iAC5sifYo3tydGSZzK9u0HkogbXxH4KbYnZ78uL9Xa4KqCOAeSg%2BR5KOzUaPSDQG%2BM89lmPJK6VRSMRgOqVHmlmAnp8eY%2B3RqkY3BvNP8d05Y0qPNlOVoW%2BUWZyNl7Aq9YV8cuLcJX3qvE7d8nWHL%2Fb66AGEN08Q%3D%3D; expires=Wed, 31-Aug-2022 17:17:16 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jToQsyWyl39pndRtC4UG3qOZxpK4XUstQz%2Flur7lgCpTVP6Js7uNc1VvLAMLIDCRtCRNBeSYKt0fq%2BQ1QdsUQyzG9gng%2Ffr1Mk8yUWa%2FCFOtc5ihN%2Bl9wOA9StLTATNPxYW8Z1IYbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9cafe6b4069-CDG
content-encoding
br

Redirect headers

Server
nginx/1.17.9
Date
Tue, 31 Aug 2021 11:28:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/1892964107568595119
AN-X-Request-Uuid
6163c6e1-69e0-448d-b0f5-f46e69a461fa
Set-Cookie
uuid2=1892964107568595119; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 29-Nov-2021 11:28:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
bsync
visitor.omnitagjs.com/visitor/ Frame 3072 		49 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=abf65ec65b3e06310c52d0850494081a&name=SMILE_WANTED&url=%20https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadyoulike%2F%5BBUYER_USERID%5D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
visitor.omnitagjs.com
:scheme
https
:path
/visitor/bsync?uid=abf65ec65b3e06310c52d0850494081a&name=SMILE_WANTED&url=%20https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadyoulike%2F%5BBUYER_USERID%5D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
expires
0
pragma
no-cache
vary
Accept-Encoding
x-content-type-options
nosniff
date
Tue, 31 Aug 2021 11:28:04 GMT
content-length
49
x-envoy-upstream-service-time
0
server
ayl-lb-fra02
06a72204021b76eeed975cc0
csync.smilewanted.com/set_partner_userid_get/adotmob/ Frame FB9C
Redirect Chain
  • https://sync.adotmob.com/cookie/smilewanted?r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadotmob%2F{amob_user_id}
  • https://csync.smilewanted.com/set_partner_userid_get/adotmob/06a72204021b76eeed975cc0
0
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adotmob/06a72204021b76eeed975cc0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
csync.smilewanted.com
:scheme
https
:path
/set_partner_userid_get/adotmob/06a72204021b76eeed975cc0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://csync.smilewanted.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

date
Tue, 31 Aug 2021 11:28:05 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcI6ZcDHtN8oB%2F7DQlGiCLqYSUjtKsSm%2Bd88YCHAucBO8MlDb9fqGEYu7%2FTxQ%2FFPaqILKd8lZyP0yXtuQtwLlJHp6qrv98Hho3ihGfCivosKxnRs22sAUpKf1rUHs1buY%2BERPYwqZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9d27c514069-CDG
content-encoding
br

Redirect headers

X-Powered-By
Express
Vary
Origin
Access-Control-Allow-Credentials
true
Set-Cookie
uid=06a72204021b76eeed975cc0; Domain=.adotmob.com; Path=/; Expires=Fri, 30 Sep 2022 11:28:05 GMT; Secure; SameSite=None uuid=06a72204021b76eeed975cc0; Domain=.adotmob.com; Path=/; Expires=Fri, 30 Sep 2022 11:28:05 GMT; Secure; SameSite=None partners=SMW%3A1630409285487; Domain=.adotmob.com; Path=/; Expires=Fri, 30 Sep 2022 11:28:05 GMT; Secure; SameSite=None
Location
https://csync.smilewanted.com/set_partner_userid_get/adotmob/06a72204021b76eeed975cc0
Date
Tue, 31 Aug 2021 11:28:05 GMT
Content-Length
0
setuid
prebid.adnxs.com/pbs/v1/ Frame BF95
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid.adnxs.com%2Fpbs%2Fv1%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D1%26gdpr_conse...
  • https://prebid.adnxs.com/pbs/v1/setuid?bidder=smilewanted&gdpr=1&gdpr_consent=&f=i&uid=cbd646fc74941c3911b4285814c464fe
36 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=smilewanted&gdpr=1&gdpr_consent=&f=i&uid=cbd646fc74941c3911b4285814c464fe
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Shepherds Bush, United Kingdom, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.19.0 /
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Host
prebid.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://csync.smilewanted.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=1892964107568595119
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://csync.smilewanted.com/

Response headers

Server
nginx/1.19.0
Date
Tue, 31 Aug 2021 11:28:04 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
36
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
Vary
Origin

Redirect headers

date
Tue, 31 Aug 2021 11:28:04 GMT
content-type
text/html; charset=UTF-8
location
https://prebid.adnxs.com/pbs/v1/setuid?bidder=smilewanted&gdpr=1&gdpr_consent=&f=i&uid=cbd646fc74941c3911b4285814c464fe
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrRXUJ%2B%2FJg9%2BwBHrfBxoo76Ykfh2vvKQZ2KyS9PtFC7ocSMLwSY3YeymV%2F7MyU0vI5ypkB4ybbNqHVueOfORW3SNE29bwoJW%2FZUT702gF73t9tPV%2Fmapdw5BMovlC9hiM1iMW3jvng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6875e9cb8faa4069-CDG
async_usersync
ib.adnxs.com/ Frame 4316 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Aug 2021 11:28:04 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6fa07b50-6564-4b5d-a15d-c0c4728a77fa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| geofeedData function| isGDPRMode function| isCCPAMode object| iaw function| loadCSS string| response_code string| navigatorDevice function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| hj object| _hjSettings object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| pbjsChunk object| pbjs object| _pbjsGlobals object| Criteo function| $ function| jQuery function| SearchIndex function| Bloodhound object| cookieconsent function| babInitVoiceButtons function| babCSAlreadyFlagged function| babSearch function| babDictSearchCallBack function| babDictSearchCheck function| babInitSearchField function| babRepeatIt function| babTTS function| babSpeakIt function| babStripTagsWL function| babTP function| babTE object| __bt_tag_d object| __bt_intrnl object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| regeneratorRuntime object| pbstck object| pbstckQ object| Pubstack object| GoogleGcLKhOms object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_105 object| Criteo_prebid_105

13 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: VmA76pLvbKY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Tn7QsB26WYU
.babla.vn/ Name: _hjFirstSeen
Value: 1
.babla.vn/ Name: _hjid
Value: aad47828-ff51-4af9-8ba7-4db9e6293482
www.babla.vn/ Name: _sharedID
Value: 6f7d6e95-251d-47ea-95a7-68b17ee21b43
.babla.vn/ Name: _gid
Value: GA1.2.1987344879.1630409280
.babla.vn/ Name: _gat
Value: 1
.babla.vn/ Name: _ga
Value: GA1.2.467946044.1630409280
www.babla.vn/ Name: AWSALB
Value: zKy0JLA0qe1WUbJ3VqkfbDk8yMZZ0k5kBj1HhWpXweO2C0TRjK9aWYXYyktpA9YTs88RH6r1W8OcHZPC4tSdO+Y9nIVbcApsRfcwzRJjTaPJmcW6jVlsWifAzeSR
.babla.vn/ Name: languages
Value: vi.deen.de.en.0..
www.babla.vn/ Name: AWSALBCORS
Value: zKy0JLA0qe1WUbJ3VqkfbDk8yMZZ0k5kBj1HhWpXweO2C0TRjK9aWYXYyktpA9YTs88RH6r1W8OcHZPC4tSdO+Y9nIVbcApsRfcwzRJjTaPJmcW6jVlsWifAzeSR
www.babla.vn/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.babla.vn/ Name: PHPSESSID
Value: v2kiie2ji1pbeftn24mvi39l94

5 Console Messages

Source Level URL
Text
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Div ID passed to googletag.display() does not match any defined slots: ad_topslot.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Div ID passed to googletag.display() does not match any defined slots: ad_leftslot.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Div ID passed to googletag.display() does not match any defined slots: ad_btmslot.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
[GPT] Div ID passed to googletag.display() does not match any defined slots: ad_rightslot.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083001.js?31062435(Line 6)
Message:
Invalid GPT fixed size specification: []

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000 max-age=15780000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

478c6b20ac91837adad39a855377bafa.safeframe.googlesyndication.com
acdn.adnxs.com
ad.yieldlab.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.btloader.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bidder.criteo.com
boot.pbstck.com
btloader.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.pbstck.com
cm.g.doubleclick.net
csync.smilewanted.com
d5p.de17a.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
ice.360yield.com
idm-d.openx.net
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
intake.pbstck.com
js-sec.indexww.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.adnxs.com
prebid.smilewanted.com
prg.smartadserver.com
px.owneriq.net
s.amazon-adsystem.com
s3-eu-west-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.bab.la
static.criteo.net
static.doubleclick.net
static.hotjar.com
static.smilewanted.com
stats.g.doubleclick.net
sync.adotmob.com
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
vars.hotjar.com
visitor.omnitagjs.com
www.babla.vn
www.google-analytics.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.109.78.125
104.111.218.85
104.111.242.53
13.224.93.105
13.248.242.197
130.211.23.194
142.250.185.226
151.101.13.108
159.253.128.188
172.217.23.98
172.67.71.185
178.250.0.157
178.250.2.131
18.156.195.47
18.195.231.241
18.66.97.10
18.66.97.6
185.183.112.155
185.255.84.153
185.29.132.245
185.33.221.52
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.86.137.32
185.86.138.143
185.94.180.126
2.18.233.180
2.18.234.21
209.54.176.128
213.155.156.165
2606:4700:10::6816:15d
2606:4700:10::ac43:1997
2606:4700:10::ac43:db6
2606:4700:20::681a:70f
2606:4700:20::681a:78b
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:802::2002
2a00:1450:4001:803::2016
2a00:1450:4001:808::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:400c:c0a::9b
2a02:2638:1::13
2a02:2638::3
3.209.222.165
3.66.71.220
34.98.64.218
37.157.3.30
37.252.161.190
37.252.172.250
50.16.141.46
51.222.80.231
52.210.72.163
52.218.92.67
69.173.144.141
69.173.144.165
70.42.32.127
76.223.111.18
92.122.26.214
016c1ffade85a4283b2422ea6a8efea381e3f590b61ece9a0edb3b86ec5273c4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08fe5cb57ce9abb1fdcbef982be9023147eb283b35a89539acb737d9ee608cf8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf5690bfc2df1a7da94594930825059f27949af60ec76b44b404e68d70b6806
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1caa4cad6f3186068b5c73697dc4ef7e3399afd207edfa2736664cb00aa3d77c
1e90fbaad03f8ad346cac42c97defe25abd61ce4c67cf0e6d1d53f8c31b7bbae
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
235fc676dc26ad1d957bab31ab407ac27b8bce5be5c18451cc83bca595398a1a
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
31004696327300c743b14dd8bd5e5368839bc778f4b5d58c0f4906c58d5e01a9
33f075e20a85d2f347a2ebb2b83f635a09c1d6168c85a4dccab40e04108b75a3
371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
423de8098aebeba62bf253addb95ff66d5b35d4f3ae0882f045c8bca700d8fc7
43527f0e5e74b8a3df9406da7a764a554feb616ecb9eb2fde1c3f5bc1869a0ad
45c24c5cede616689c444265ec162fc2374eeee8634a29bd744ec9bf0d7ab6b9
46ac864eaef04f0b4124dd8bda16a352d8287c4a9a8fa66bba86f5def26b3037
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
493334506fd76f366faf03e8055c209166bbccd57abf96b3d18f9539101f4795
4a4234471086d353f77ef66c3b210f66be7ca9cf3f39c801cb4b10fb4a412e5e
4c777adaf791edc66b0b5977e73a42bc4eb0ca552ca03c7af2174f122b8625a3
4df1680766bbc95546136b461b0e752cc113d9b7d54602443df92181e63f42fe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5adeda14420c23ed1adffabf5c4e900e4d91aae258613f6e178afdddf328f81e
63884073c630b7bdab4841eccb77662d05bfe036e441a4e4e8753a647e44ce0a
63906a87b384e8116d64107cd09d85cff696ea6ff425449f66703bc2a823046b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ab920eb96c434d1fff60e1dbc52ab9b4296dd5991fe9accc174ebb13a2c17b8
6b849f9654594434de6b8810a466fa1416a0365ced3a87ce4cacf3ac77d3729e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca3f6d64956475bf9563c55e5c8afb1156bf568e2b2c7a80d72a4a0235b7bf3
6cd5a659a5752962df95614f110e81dcaa701b3f0cad5ab69629fe04771bd605
6e68989f82549929bc73187be7a746aa6e76da689496596eea814bd740846a92
70a15aee8a3698f81baef5bb3ddad28c50bfa696c2906597df112b9874a0907c
71bf24e55df00ade430e45aa96f2d03ce5f05623f64dd7abef0bedf9c413bfbd
74178e1a5dc38b27a5d99e30aec45716e84eeec3c1d9d09880cd561d971c6bfa
746fc1b05a2c56a5b7bf5fd546e3ca1219193d1ae7e932aa912a4ee2a10b955d
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
7895d55d11894a333af4ff24b833a9bc7c380022ca4b3cc7a3d74516370da383
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
801614a3f72e3f9ad54aff8a1736c757039a9c0607886c17fe926f06071f623e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
8a3daa73d43573ccfda4487c997b7beded0c201a4ea2166dced366fa0397fd19
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
915d91337f65f3385ad6d9e0a867ae9563dbc87985eced8a266d89a6e6fbd1d3
937feed71ffd28d1ec7d206fb85a997faa808ea562dbdace67adb4f2e6f2cd12
93ad1abfe8ffad1bb4d0ae19552722c495b6fa88e03b3521bbff9c02358c2a37
94059e53a13ebb0d9bca105db7af3d6187d1080fd3507764efdce2e0557fe420
97ded7cde584b8ec1d4c94c3e5f72453a16688fca601f4247946b68013aee977
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0dec25a8d52c447360be4f69ce3057126f71852fb3ec2ca79a4d51b10b95931
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af056eeeef73f8da4e4d87b76bfe80b62a5a04607a8dd7717c9cbeea61cb42a0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b473636cb1c10eee2ec98ad0ce8493fc7dca9259d2ff6d0669495f98e1f5d238
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1ef807b09e4274db60a8dac7f6d325a666dc703ba3385e8c295c235a655a75d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22dbe3c978a9b5b38ed1a0a1343a675c39c9a5b2281248c74d6a08719968906
cb5917fad36a8737b6aadd461a6c9c4052244472f68f7de691c8cfffce6651fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d011fec891e4e7af8c7901fd7c25f7831bfc0d931b6ac9754c1b214ab2ab39bb
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d505bfd770f1f0d12ded8e60b0f12ee535a69ab66fb609db4a6188321f7e8f13
d6d3d0e52df21431faa9ce892825477821ea7a61c557b21900319c2660941311
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df15cf4481e505bc8c584dd98860101d285ddf9c0f3ce05f5f650b54cd81335a
e18548ee415ddcdf89c1d2c033cb8dc8d812e599a1a95fb7f34871d91a74d39c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8e703556ed5844d21cb430a071e95ceaf2c0eb60255979bb4e872da0916fc
e7db92828c0de754ce612ce2247fb8721b6999d19148d54ce8370370b03083dc
e87a6143b6d7c1c84b132ec34682c36bbfb92be274b63a8bf2486d553675a5e9
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3f50c81f0e7c17cda9d1bbe286c9a6c0316e959d142071b608649662b8abb6
f0a5f66269c8763763d24ff474632ecf1f60b976caa11490f83ac45ddf273256
f161de538db293cd811def4d0bcac5762835d2502e53a1f5c86f45e4724c6a85
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb7c9be8484cc6355410f5d0ce78bb928f5bdbf9d53f5c17d14d5236d0ca171c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fde4430ecdd92d7a0a565d5116726168db33892a9330d64b4c6b850e459c71c9
fe6c515919d58c3b22ea42d74ba7d858c0a10d2fd182832368e1ec51aeb27f2e
feef2ee4f187231eac47ca50712161da853390f3d431cdb2668486919a3c7d43