Submitted URL: http://vnsava.com/
Effective URL: https://vnsava.com/
Submission: On November 02 via api from US — Scanned from AU

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 78 HTTP transactions. The main IP is 202.134.241.110, located in Australia and belongs to LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG. The main domain is vnsava.com.
TLS certificate: Issued by R10 on September 13th 2024. Valid for: 3 months.
This is the only time vnsava.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 202.134.241.110 59253 (LEASEWEB-...)
1 172.217.24.42 15169 (GOOGLE)
4 142.250.66.194 15169 (GOOGLE)
2 172.217.24.40 15169 (GOOGLE)
15 142.250.204.3 15169 (GOOGLE)
12 172.217.24.46 15169 (GOOGLE)
11 172.217.24.34 15169 (GOOGLE)
78 8
Apex Domain
Subdomains
Transfer
28 vnsava.com
vnsava.com
1 MB
15 gstatic.com
fonts.gstatic.com
294 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
9 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
73 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
257 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
173 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
0 adtrafficquality.google Failed
ep1.adtrafficquality.google Failed
78 9
Domain Requested by
28 vnsava.com vnsava.com
15 fonts.gstatic.com fonts.googleapis.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
9 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 pagead2.googlesyndication.com vnsava.com
pagead2.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com vnsava.com
www.googletagmanager.com
1 fonts.googleapis.com vnsava.com
0 ep1.adtrafficquality.google Failed pagead2.googlesyndication.com
78 9
Subject Issuer Validity Valid
datxoiche.com
R10
2024-09-13 -
2024-12-12
3 months crt.sh
upload.video.google.com
WE2
2024-10-14 -
2025-01-06
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google-analytics.com
WE2
2024-10-14 -
2025-01-06
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.com
WE2
2024-10-14 -
2025-01-06
3 months crt.sh

This page contains 12 frames:

Primary Page: https://vnsava.com/
Frame ID: 606562B601AD7CD95DE3CC2ED69AF8AC
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: AF2875B60B8BCBBAE819A9B3E04C861D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3845806199654395&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730570672&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fvnsava.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570672042&bpp=15&bdt=626&idt=600&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4352394206380&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=1&uci=a!1&fsb=1&dtd=622
Frame ID: 145637BAB2B96E892138433D75674793
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3845806199654395&output=html&h=280&adk=2572907811&adf=1607275616&pi=t.aa~a.467178120~rp.1&w=1068&abgtt=6&fwrn=4&fwrnh=100&lmt=1730570672&rafmt=1&to=qs&pwprc=4739626111&format=1068x280&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570672057&bpp=3&bdt=641&idt=626&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=2&uci=a!2&fsb=1&dtd=634
Frame ID: F0A94235BBD3BF437181CC27CF4CAC46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3845806199654395&output=html&h=280&adk=825265365&adf=2481478204&pi=t.aa~a.3770606125~rp.4&w=696&abgtt=6&fwrn=1&fwrnh=100&lmt=1730570674&rafmt=1&to=qs&pwprc=4739626111&format=696x280&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570674065&bpp=1&bdt=2649&idt=-M&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d85b69df39fd5a7%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg&gpic=UID%3D00000f4f4f8b5603%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA&eo_id_str=ID%3D4cc4887a91113670%3AT%3D1730570672%3ART%3D1730570672%3AS%3DAA-AfjZThLwtlmMU1F-Fbxrq4xma&prev_fmts=0x0%2C1068x280&nras=3&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=631
Frame ID: 2CF35D5209D59A4B7E915DD1815D9BD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3845806199654395&output=html&h=280&adk=825265365&adf=4009317662&pi=t.aa~a.3770611254~rp.4&w=696&abgtt=6&fwrn=1&fwrnh=100&lmt=1730570674&rafmt=1&to=qs&pwprc=4739626111&format=696x280&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570674065&bpp=1&bdt=2649&idt=-M&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d85b69df39fd5a7%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg&gpic=UID%3D00000f4f4f8b5603%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA&eo_id_str=ID%3D4cc4887a91113670%3AT%3D1730570672%3ART%3D1730570672%3AS%3DAA-AfjZThLwtlmMU1F-Fbxrq4xma&prev_fmts=0x0%2C1068x280%2C696x280&nras=4&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=638
Frame ID: 6772BB39A8AF149BAC89C2FD566AD79A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3845806199654395&output=html&h=250&adk=4246380789&adf=1543753041&pi=t.aa~a.962261146~rp.4&w=324&abgtt=6&fwrn=4&fwrnh=100&lmt=1730570674&rafmt=1&to=qs&pwprc=4739626111&format=324x250&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570674065&bpp=1&bdt=2649&idt=-M&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d85b69df39fd5a7%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg&gpic=UID%3D00000f4f4f8b5603%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA&eo_id_str=ID%3D4cc4887a91113670%3AT%3D1730570672%3ART%3D1730570672%3AS%3DAA-AfjZThLwtlmMU1F-Fbxrq4xma&prev_fmts=0x0%2C1068x280%2C696x280%2C696x280&nras=5&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=642
Frame ID: 79F03EDC39752FFDA1292F69CFAF5062
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3845806199654395&output=html&h=280&adk=825265365&adf=2006879299&pi=t.aa~a.3770608223~rp.4&w=696&abgtt=6&fwrn=1&fwrnh=100&lmt=1730570674&rafmt=1&to=qs&pwprc=4739626111&format=696x280&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570674065&bpp=1&bdt=2649&idt=-M&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d85b69df39fd5a7%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg&gpic=UID%3D00000f4f4f8b5603%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA&eo_id_str=ID%3D4cc4887a91113670%3AT%3D1730570672%3ART%3D1730570672%3AS%3DAA-AfjZThLwtlmMU1F-Fbxrq4xma&prev_fmts=0x0%2C1068x280%2C696x280%2C696x280%2C324x250&nras=6&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=648
Frame ID: EC5B902FF85F163C8D7D3F1783B57E9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: DBEBD77B603772975365F9F3300434FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 3D38E8E2C72F816F85E08FD77D7D7564
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 79BE05406D5B4C1D899AC74788796341
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 1AD14A56F7C4A9180049BB23C43F6919
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Tư vấn du học Vnsava.com

Page URL History Show full URLs

  1. http://vnsava.com/ HTTP 307
    https://vnsava.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

78
Requests

94 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

1957 kB
Transfer

4482 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vnsava.com/ HTTP 307
    https://vnsava.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vnsava.com/
Redirect Chain
  • http://vnsava.com/
  • https://vnsava.com/
90 KB
17 KB
Document
General
Full URL
https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
13c160a82b7a0e64e2697099031ffe11e82a1e5ab9773a58950669e147256d91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 02 Nov 2024 18:04:31 GMT
link
<https://vnsava.com/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.30

Redirect headers

Location
https://vnsava.com/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
vnsava.com/wp-includes/css/dist/block-library/
93 KB
11 KB
Stylesheet
General
Full URL
https://vnsava.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.7
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
11632
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
text/css
last-modified
Sat, 20 May 2023 15:32:12 GMT
vary
Accept-Encoding
server
LiteSpeed
classic-themes.min.css
vnsava.com/wp-includes/css/
217 B
270 B
Stylesheet
General
Full URL
https://vnsava.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
217
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
text/css
last-modified
Sun, 13 Nov 2022 01:22:27 GMT
server
LiteSpeed
automatic-upload-images-public.css
vnsava.com/wp-content/plugins/automatic-upload-images/public/css/
98 B
151 B
Stylesheet
General
Full URL
https://vnsava.com/wp-content/plugins/automatic-upload-images/public/css/automatic-upload-images-public.css?ver=1.0.0
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
98
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
text/css
last-modified
Thu, 23 Sep 2021 04:35:30 GMT
server
LiteSpeed
css
fonts.googleapis.com/
49 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f42.1e100.net
Software
ESF /
Resource Hash
3697fb23491fe236bd948bebaba0a584cacf4667ca2bcebf8bcf175c4ca226e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 18:04:31 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 02 Nov 2024 18:04:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.css
vnsava.com/wp-content/themes/THEME%201/
1 MB
118 KB
Stylesheet
General
Full URL
https://vnsava.com/wp-content/themes/THEME%201/style.css?ver=9.6
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
7364672bd763862a889fe900f5bb3abc22770c709eebd9f0064cd28833198530

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
120449
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
text/css
last-modified
Wed, 06 Mar 2019 23:51:22 GMT
vary
Accept-Encoding
server
LiteSpeed
demo_style.css
vnsava.com/wp-content/themes/THEME%201/includes/demos/college/
413 B
227 B
Stylesheet
General
Full URL
https://vnsava.com/wp-content/themes/THEME%201/includes/demos/college/demo_style.css?ver=9.6
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
ff099241aab30034b641871095d946669f5eebbd89988f4277c59399a28b151a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
172
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
text/css
last-modified
Wed, 06 Mar 2019 23:50:38 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.min.js
vnsava.com/wp-includes/js/jquery/
88 KB
30 KB
Script
General
Full URL
https://vnsava.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
30324
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
application/javascript
last-modified
Sun, 13 Nov 2022 01:22:29 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery-migrate.min.js
vnsava.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://vnsava.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
3995
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
application/javascript
last-modified
Sun, 13 Nov 2022 01:22:29 GMT
vary
Accept-Encoding
server
LiteSpeed
automatic-upload-images-public.js
vnsava.com/wp-content/plugins/automatic-upload-images/public/js/
838 B
444 B
Script
General
Full URL
https://vnsava.com/wp-content/plugins/automatic-upload-images/public/js/automatic-upload-images-public.js?ver=1.0.0
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
412
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
application/javascript
last-modified
Thu, 23 Sep 2021 04:35:30 GMT
vary
Accept-Encoding
server
LiteSpeed
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3845806199654395
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
120a78ead766e9a8631aa5a7ab045cbf2989f6026df1c6f492ca2f818216779f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://vnsava.com/

Response headers

content-encoding
br
etag
11829037382454570976
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 18:04:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53711
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
221 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-158122614-1
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e73e0bad1635a9b771b2ddc741064958880ebc9a0d90963cac6ea0445c0f7799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 02 Nov 2024 18:04:31 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80707
x-xss-protection
0
server
Google Tag Manager
wp-emoji-release.min.js
vnsava.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://vnsava.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.7
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
4619
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
application/javascript
last-modified
Sun, 13 Nov 2022 01:22:28 GMT
vary
Accept-Encoding
server
LiteSpeed
logo_transparent-300x300.png
vnsava.com/wp-content/uploads/2020/01/
7 KB
7 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2020/01/logo_transparent-300x300.png
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
f293c140da2bad3773f39272ca880bcbecf0af5ec3a3e67fce96441449ea4810

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
7198
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/png
last-modified
Wed, 15 Jan 2020 15:35:21 GMT
server
LiteSpeed
ssdh-allianz-e1586145843447-218x150.jpg
vnsava.com/wp-content/uploads/2022/07/
8 KB
8 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/ssdh-allianz-e1586145843447-218x150.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
eac4073d5e986322d8d81d583859befc62099c14236ccb97b6311672c91d6696

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
8251
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Mon, 11 Jul 2022 11:42:27 GMT
server
LiteSpeed
chuong-trinh-pathway-la-gi-218x150.jpg
vnsava.com/wp-content/uploads/2022/07/
11 KB
11 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/chuong-trinh-pathway-la-gi-218x150.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
b6251a215d21a6b24853795db941fc1404fbb9be8e0d594c12a4dbc11358ba44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
11232
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Sat, 02 Jul 2022 14:53:54 GMT
server
LiteSpeed
word-image-1351-218x150.png
vnsava.com/wp-content/uploads/2022/07/
62 KB
62 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/word-image-1351-218x150.png
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
ffa1953b21fc0a4627185b7492b74e85589e6543584c6eeed143874eb5645dd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
63244
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/png
last-modified
Tue, 12 Jul 2022 06:54:42 GMT
server
LiteSpeed
bao-hiem-y-te-du-hoc-uc-oshc-1_1558779207-218x150.jpg
vnsava.com/wp-content/uploads/2022/07/
9 KB
9 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/bao-hiem-y-te-du-hoc-uc-oshc-1_1558779207-218x150.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
3d34ac2be24d4ad2e29113554eb2eb0217af89b76ef6b068f6c826e544f3c899

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
8899
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Sat, 02 Jul 2022 16:45:01 GMT
server
LiteSpeed
students-working-at-desk-218x150.jpg
vnsava.com/wp-content/uploads/2022/07/
10 KB
10 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/students-working-at-desk-218x150.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
0379194edd870caf9f451b64eb3740671e1ac802c5ebb0fa53a03522ff5ed7f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
9868
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Mon, 11 Jul 2022 14:11:36 GMT
server
LiteSpeed
ssdh-allianz-e1586145843447-696x385.jpg
vnsava.com/wp-content/uploads/2022/07/
36 KB
36 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/ssdh-allianz-e1586145843447-696x385.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
b78fcbd22498440f17cf4c720b98d73e060bc529720fbfe27ce2568be0bead80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
36510
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Mon, 11 Jul 2022 11:42:28 GMT
server
LiteSpeed
chuong-trinh-pathway-la-gi-696x385.jpg
vnsava.com/wp-content/uploads/2022/07/
50 KB
50 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/chuong-trinh-pathway-la-gi-696x385.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
9900ea717c7a6b05420b209a40aab5fbc9861f8f52729052dac9b8d84b166e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
51110
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Sat, 02 Jul 2022 14:53:54 GMT
server
LiteSpeed
word-image-1351-696x375.png
vnsava.com/wp-content/uploads/2022/07/
335 KB
335 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/word-image-1351-696x375.png
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
c579aefbc3ef6f5ef17e31fedd89eecc654eabde2346a0c302c20c290e914efa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
342635
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/png
last-modified
Tue, 12 Jul 2022 06:54:43 GMT
server
LiteSpeed
bao-hiem-y-te-du-hoc-uc-oshc-1_1558779207-696x385.jpg
vnsava.com/wp-content/uploads/2022/07/
54 KB
54 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/bao-hiem-y-te-du-hoc-uc-oshc-1_1558779207-696x385.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
5358d3de2835d7f582dd7ee728db78be77a43e1d7b426c9c9bc35ae0f07e15bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
54885
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Sat, 02 Jul 2022 16:45:01 GMT
server
LiteSpeed
students-working-at-desk-696x385.jpg
vnsava.com/wp-content/uploads/2022/07/
43 KB
43 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/students-working-at-desk-696x385.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
a4b5da2d5945b7298cf6a30212e45411c12ee24ccb8335f5943165c809645f0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
43837
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Mon, 11 Jul 2022 14:11:36 GMT
server
LiteSpeed
cu-nhan-la-gi-3-loi-ich-sau-khi-ra-truong-neu-co-bang-cu-15-800x533-1-696x385.jpg
vnsava.com/wp-content/uploads/2022/07/
43 KB
43 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/cu-nhan-la-gi-3-loi-ich-sau-khi-ra-truong-neu-co-bang-cu-15-800x533-1-696x385.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
6042ebe44f979bbedd28e04be70da6d811cb39792e1890f8fb173c2ffb3cd539

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
44174
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Sat, 02 Jul 2022 08:18:11 GMT
server
LiteSpeed
cefr-diagram-696x385.jpg
vnsava.com/wp-content/uploads/2022/07/
44 KB
44 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/cefr-diagram-696x385.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
45de68d5ea3bb96656dcd125cd8e8ba153b2952fe44db7315252a42d6e76ea96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
44559
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Fri, 01 Jul 2022 08:02:11 GMT
server
LiteSpeed
commonapp.jpg
vnsava.com/wp-content/uploads/2022/07/
22 KB
22 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/commonapp.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
e3a519926b31f12088098904d5ded69e3265abb8c2142aaae0f3ab4ced5f7467

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
22845
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Sat, 02 Jul 2022 06:33:36 GMT
server
LiteSpeed
sevis-logo-696x385.jpg
vnsava.com/wp-content/uploads/2022/07/
34 KB
34 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/sevis-logo-696x385.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
97f759d55f6a1aa9453a1ea0433a1afe5361423c872ee479de8ef985b7ddeae6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
35045
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Sat, 02 Jul 2022 04:44:51 GMT
server
LiteSpeed
luu-hoc-sinh-la-gi.jpg
vnsava.com/wp-content/uploads/2022/07/
14 KB
14 KB
Image
General
Full URL
https://vnsava.com/wp-content/uploads/2022/07/luu-hoc-sinh-la-gi.jpg
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
95f775a035404a0b3b12351a3fe75800796a346cb320fa6fe3460d83e1e4644e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
14010
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
image/jpeg
last-modified
Sat, 02 Jul 2022 06:59:03 GMT
server
LiteSpeed
tagdiv_theme.min.js
vnsava.com/wp-content/themes/THEME%201/js/
223 KB
50 KB
Script
General
Full URL
https://vnsava.com/wp-content/themes/THEME%201/js/tagdiv_theme.min.js?ver=9.6
Requested by
Host: vnsava.com
URL: https://vnsava.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
eb78c477ad54f113858789553c8d6a570c0bb27a5a88bea27093923c21e29fe6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
public, max-age=604800
content-encoding
br
expires
Sat, 09 Nov 2024 18:04:31 GMT
accept-ranges
bytes
content-length
50859
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
application/javascript
last-modified
Wed, 06 Mar 2019 23:50:58 GMT
vary
Accept-Encoding
server
LiteSpeed
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
newspaper.woff
vnsava.com/wp-content/themes/THEME%201/images/icons/
120 KB
120 KB
Font
General
Full URL
https://vnsava.com/wp-content/themes/THEME%201/images/icons/newspaper.woff?16
Requested by
Host: vnsava.com
URL: https://vnsava.com/wp-content/themes/THEME%201/style.css?ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
202.134.241.110 , Australia, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
202.134.241.110-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
765376402c1662f9456c85c6712339b6e8be5bf07fe700f77187c8b87a0d45a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://vnsava.com/wp-content/themes/THEME%201/style.css?ver=9.6

Response headers

accept-ranges
bytes
content-length
122756
date
Sat, 02 Nov 2024 18:04:31 GMT
content-type
font/woff
last-modified
Wed, 06 Mar 2019 23:50:34 GMT
server
LiteSpeed
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
1075
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:46:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:46:36 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
2105
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:29:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:29:26 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
99551
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 14:25:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 14:25:20 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
1186
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:44:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:44:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
1703
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:36:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:36:08 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
16552
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
145676
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 01:36:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 01 Nov 2024 01:36:35 GMT
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35328
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
1723
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:35:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:35:48 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12456
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
666d5c2b0e7ef0cc2c46675b88b5867ccb5cc6ec89a52b8da94caa68a6bf8d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
968
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:48:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:48:23 GMT
last-modified
Thu, 01 Aug 2024 20:41:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
5796
x-xss-protection
0
server
sffe
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/
49 KB
49 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
2115
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:29:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:29:16 GMT
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50296
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
da86283c34030c89397605c7e7e43c3e9a649287087b5afed839332c87be3761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
1069
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:46:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:46:42 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
5708
x-xss-protection
0
server
sffe
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v32/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
2073
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:29:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:29:58 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20160
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
330079
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 22:23:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 22:23:12 GMT
last-modified
Thu, 01 Aug 2024 20:41:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12304
x-xss-protection
0
server
sffe
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
376839
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 09:23:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 09:23:52 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20144
x-xss-protection
0
server
sffe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/
434 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3845806199654395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
7ac5d4a6a356134e719c9decb781a6dd5544acd45b4355321bdb92becfbeea39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
br
etag
8316480100650629647
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 18:04:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 02 Nov 2024 18:04:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147979
x-xss-protection
0
server
cafe
KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
6 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
9b2da7c38d34ace18801291959a5fc03c369f5bd2aea33cb488da61d9f39ff2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
1254
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:43:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:43:38 GMT
last-modified
Thu, 01 Aug 2024 20:41:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
5864
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
sffe /
Resource Hash
3e8f8a1d4f1a37245c6b7acbaa44a6c04975d1e21b038f7128be586482ffe4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://vnsava.com
Referer
https://fonts.googleapis.com/

Response headers

age
2118
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:29:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:29:14 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12280
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/
265 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K64FNVXG4X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158122614-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6b87b89d4f9856062e47d704aef82d84d18f6608f96159308bfbadcbd46c70c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 02 Nov 2024 18:04:32 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
95456
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158122614-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
gzip
age
51
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 20:03:41 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:03:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-K64FNVXG4X&gtm=45je4au0v9112399002za200&_p=1730570671791&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=164609093.1730570672&ul=en-au&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1730570672&sct=1&seg=0&dl=https%3A%2F%2Fvnsava.com%2F&dt=T%C6%B0%20v%E1%BA%A5n%20du%20h%E1%BB%8Dc%20Vnsava.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2283
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K64FNVXG4X&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://vnsava.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:32 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/
1 B
304 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1700220783&t=pageview&_s=1&dl=https%3A%2F%2Fvnsava.com%2F&ul=en-au&de=UTF-8&dt=T%C6%B0%20v%E1%BA%A5n%20du%20h%E1%BB%8Dc%20Vnsava.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=977793544&gjid=834178269&cid=164609093.1730570672&tid=UA-158122614-1&_gid=1606561740.1730570673&_r=1&gtm=457e4au0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&jsscut=1&z=1435418708
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vnsava.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:32 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://vnsava.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame AF28
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
3172
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 17:11:40 GMT
etag
7893594074132303741
expires
Sat, 16 Nov 2024 17:11:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1456
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3845806199654395&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730570672&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fvnsava.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570672042&bpp=15&bdt=626&idt=600&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4352394206380&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=1&uci=a!1&fsb=1&dtd=622
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
151813
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 18:04:33 GMT
expires
Sat, 02 Nov 2024 18:04:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F0A9
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3845806199654395&output=html&h=280&adk=2572907811&adf=1607275616&pi=t.aa~a.467178120~rp.1&w=1068&abgtt=6&fwrn=4&fwrnh=100&lmt=1730570672&rafmt=1&to=qs&pwprc=4739626111&format=1068x280&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570672057&bpp=3&bdt=641&idt=626&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=2&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=2&uci=a!2&fsb=1&dtd=634
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
406
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 18:04:33 GMT
expires
Sat, 02 Nov 2024 18:04:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/
178 KB
60 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
03f6841694c063652bfae377609e577122ecc3f4a9b8a01cf7671688857c5c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
br
etag
6662172211638502815
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 18:04:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 02 Nov 2024 18:04:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
61053
x-xss-protection
0
server
cafe
ca-pub-3845806199654395
fundingchoicesmessages.google.com/i/
196 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3845806199654395?href=https%3A%2F%2Fvnsava.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
4db6f03dbc41b08a9d698ce1e400786d6a0c61a28f992e0a58bbd0e18a13b5b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-48LvJvIRWCgyArQrTf9DdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4Nl2euZNNYMOUY1sZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDYwN9AwM4gsMAHb0P80"
content-security-policy
script-src 'report-sample' 'nonce-48LvJvIRWCgyArQrTf9DdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMzWKI9aYYnQVl7v1Yv4tf2TeoIY_Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ml1N2huCnpoZfpuv-4qzEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vnsava.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:34 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHYdHnmTjaBFe9v9TAruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAEXaKQ0"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ml1N2huCnpoZfpuv-4qzEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vnsava.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxV7CzANdszDXryahiKPNt6p4smTyS9AYBDThPmxcC57lWeX-r276-joZs32RD2k5qajubLSehky-eNYSOqdLQVh7auWI6OVXPt3-xOpSDqz_JN1E6229GyvGEUui0tQRI-nQkXaCA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV7CzANdszDXryahiKPNt6p4smTyS9AYBDThPmxcC57lWeX-r276-joZs32RD2k5qajubLSehky-eNYSOqdLQVh7auWI6OVXPt3-xOpSDqz_JN1E6229GyvGEUui0tQRI-nQkXaCA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNTcwNjc0LDY5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly92bnNhdmEuY29tLyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMzWKI9aYYnQVl7v1Yv4tf2TeoIY_Q/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e2dfdd5557d850e6fef52050620e376085b4836e01f0a0708155a60bad04a888
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GRcAY2jhn7JRe9k-RYBmbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0pBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4ODZdnrmTTWDGw_aXTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgbGBnoGBvEFBgCri0UU"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GRcAY2jhn7JRe9k-RYBmbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ads
googleads.g.doubleclick.net/pagead/ Frame 2CF3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3845806199654395&output=html&h=280&adk=825265365&adf=2481478204&pi=t.aa~a.3770606125~rp.4&w=696&abgtt=6&fwrn=1&fwrnh=100&lmt=1730570674&rafmt=1&to=qs&pwprc=4739626111&format=696x280&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570674065&bpp=1&bdt=2649&idt=-M&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d85b69df39fd5a7%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg&gpic=UID%3D00000f4f4f8b5603%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA&eo_id_str=ID%3D4cc4887a91113670%3AT%3D1730570672%3ART%3D1730570672%3AS%3DAA-AfjZThLwtlmMU1F-Fbxrq4xma&prev_fmts=0x0%2C1068x280&nras=3&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=1889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=631
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
49081
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 18:04:35 GMT
expires
Sat, 02 Nov 2024 18:04:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6772
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3845806199654395&output=html&h=280&adk=825265365&adf=4009317662&pi=t.aa~a.3770611254~rp.4&w=696&abgtt=6&fwrn=1&fwrnh=100&lmt=1730570674&rafmt=1&to=qs&pwprc=4739626111&format=696x280&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570674065&bpp=1&bdt=2649&idt=-M&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d85b69df39fd5a7%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg&gpic=UID%3D00000f4f4f8b5603%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA&eo_id_str=ID%3D4cc4887a91113670%3AT%3D1730570672%3ART%3D1730570672%3AS%3DAA-AfjZThLwtlmMU1F-Fbxrq4xma&prev_fmts=0x0%2C1068x280%2C696x280&nras=4&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=2865&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=638
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
31730
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 18:04:35 GMT
expires
Sat, 02 Nov 2024 18:04:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 79F0
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3845806199654395&output=html&h=250&adk=4246380789&adf=1543753041&pi=t.aa~a.962261146~rp.4&w=324&abgtt=6&fwrn=4&fwrnh=100&lmt=1730570674&rafmt=1&to=qs&pwprc=4739626111&format=324x250&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570674065&bpp=1&bdt=2649&idt=-M&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d85b69df39fd5a7%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg&gpic=UID%3D00000f4f4f8b5603%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA&eo_id_str=ID%3D4cc4887a91113670%3AT%3D1730570672%3ART%3D1730570672%3AS%3DAA-AfjZThLwtlmMU1F-Fbxrq4xma&prev_fmts=0x0%2C1068x280%2C696x280%2C696x280&nras=5&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=3177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=642
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45796
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 18:04:35 GMT
expires
Sat, 02 Nov 2024 18:04:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EC5B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3845806199654395&output=html&h=280&adk=825265365&adf=2006879299&pi=t.aa~a.3770608223~rp.4&w=696&abgtt=6&fwrn=1&fwrnh=100&lmt=1730570674&rafmt=1&to=qs&pwprc=4739626111&format=696x280&url=https%3A%2F%2Fvnsava.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730570674065&bpp=1&bdt=2649&idt=-M&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d85b69df39fd5a7%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg&gpic=UID%3D00000f4f4f8b5603%3AT%3D1730570672%3ART%3D1730570672%3AS%3DALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA&eo_id_str=ID%3D4cc4887a91113670%3AT%3D1730570672%3ART%3D1730570672%3AS%3DAA-AfjZThLwtlmMU1F-Fbxrq4xma&prev_fmts=0x0%2C1068x280%2C696x280%2C696x280%2C324x250&nras=6&correlator=4352394206380&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=266&ady=3851&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C95343682%2C95344188%2C95344790%2C95345788%2C95345963%2C95345966&oid=2&pvsid=3324284177603338&tmod=1488287623&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&pgls=CAEaBTYuMS43&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=648
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
31646
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 18:04:35 GMT
expires
Sat, 02 Nov 2024 18:04:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame DBEB
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
3172
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 17:11:40 GMT
etag
7893594074132303741
expires
Sat, 16 Nov 2024 17:11:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 3D38
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
3172
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 17:11:40 GMT
etag
7893594074132303741
expires
Sat, 16 Nov 2024 17:11:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 79BE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
3172
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 17:11:40 GMT
etag
7893594074132303741
expires
Sat, 16 Nov 2024 17:11:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 1AD1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vnsava.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
3172
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 17:11:40 GMT
etag
7893594074132303741
expires
Sat, 16 Nov 2024 17:11:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxX4dBJPbLj7OoJPNJA67T9jkG3zKo3A8Uhpj2KCGZW40MYOn5OkUEExGm6HVOcztAhQftVCxOw3oAJOG-VV-02Hdv2_TGgHpL7R_LSXOyvVC9TLXDkgr023FfjaNUwJXbf8QnQVXg==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX4dBJPbLj7OoJPNJA67T9jkG3zKo3A8Uhpj2KCGZW40MYOn5OkUEExGm6HVOcztAhQftVCxOw3oAJOG-VV-02Hdv2_TGgHpL7R_LSXOyvVC9TLXDkgr023FfjaNUwJXbf8QnQVXg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNTcwNjc0LDgyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdm5zYXZhLmNvbS8iLG51bGwsW1s4LCJZc2dPT2N0dWtySSJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMzWKI9aYYnQVl7v1Yv4tf2TeoIY_Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
5df068bf00b8bdab595db610341f93b961d9ace5d999c80630c113589d6f2588
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pavGvSE4UQfaf_VExGDLsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:34 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw15BikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4Nl2euZNN4MaW40uZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDYwN9AwM4gsMAIdLQBE"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pavGvSE4UQfaf_VExGDLsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adheadertxt.
fundingchoicesmessages.google.com/f/AGSKWxXu-AO2inGOXSpHxpJ9MmLHszYb0w2zQWsJTQ-bo2GkzLgiVema1qk4SyxUky4YFXWv15q9iuzY7YQIL31qSHB4JC1HCp9rx4Q6oIn9up4CyY9W0vFH2tqqwRYrQDfptCMzrIFOS4QuRI0zhfVgFsOerCBCB...
54 B
108 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXu-AO2inGOXSpHxpJ9MmLHszYb0w2zQWsJTQ-bo2GkzLgiVema1qk4SyxUky4YFXWv15q9iuzY7YQIL31qSHB4JC1HCp9rx4Q6oIn9up4CyY9W0vFH2tqqwRYrQDfptCMzrIFOS4QuRI0zhfVgFsOerCBCBkwujVczjlA5GpoHPyrcIrLPRuRzbH0s/_:-abp-properties(data:)/ads728adn2./vast_ads_/adlens-/adheadertxt.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzLhdn_9IlZqXOQTVsN5odF80P7kg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
539d4b9004cf0a9303803ec8e3fc5818195cf21ded4d203415518fdea4d57b56
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-F8WLpLVLEw68bppSSvXGKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:35 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4ODZfnrmTTaBjy5VFTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgbGBnoGBvEFBgCYf0TP"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-F8WLpLVLEw68bppSSvXGKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
67 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzLhdn_9IlZqXOQTVsN5odF80P7kg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
br
etag
13036835877489095579
age
38099
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 07:29:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 02 Nov 2024 07:29:36 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
server
cafe
AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMzWKI9aYYnQVl7v1Yv4tf2TeoIY_Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g3N2EF02pDu0BDiOTZUAbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vnsava.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:35 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHYfHnmTjaBG5s2L2RScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBsaGegbm8QUGAD37KPA"
content-security-policy
script-src 'report-sample' 'nonce-g3N2EF02pDu0BDiOTZUAbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vnsava.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMzWKI9aYYnQVl7v1Yv4tf2TeoIY_Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1DtiMZC0pHAR5JU80hP9uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vnsava.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ubYcnnmTjaBDa0TlJRckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiaGBsaGegXl8gQEA4ZEn6A"
content-security-policy
script-src 'report-sample' 'nonce-1DtiMZC0pHAR5JU80hP9uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vnsava.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMzWKI9aYYnQVl7v1Yv4tf2TeoIY_Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hPAJiI9FbXzXgzwTAgJi5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://vnsava.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ubYcnnmTjaBAx8Wqiu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMADmYogQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hPAJiI9FbXzXgzwTAgJi5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://vnsava.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxWEYJUANV-AJz7kxWJuI3r_K3xcn2hN2xG-zlhHOkjvqS_AjA06OrCvrmXdaF1SwpGOysYLRqppruwR6L60IMLyPpeVmT7mqT_QiLSZQa2jMW7noA0U1lm_8JIkLLIumaaWLMXpTg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWEYJUANV-AJz7kxWJuI3r_K3xcn2hN2xG-zlhHOkjvqS_AjA06OrCvrmXdaF1SwpGOysYLRqppruwR6L60IMLyPpeVmT7mqT_QiLSZQa2jMW7noA0U1lm_8JIkLLIumaaWLMXpTg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNTcwNjc1LDY2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly92bnNhdmEuY29tLyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMzWKI9aYYnQVl7v1Yv4tf2TeoIY_Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
8e1665c180d7428b03bf96bc159408ca2291bcbeff3427a4697f5ffb4f68bddd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-heTHJ09Chsad8DAc_RTZbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://vnsava.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 02 Nov 2024 18:04:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhbg5tlyeuZNNoOHUZE0ljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDYwM9A4P4AgMAImw_Dg"
content-security-policy
script-src 'report-sample' 'nonce-heTHJ09Chsad8DAc_RTZbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVcOhg3VAB67PBoaTpgzBZ52G5Ae75hCHu69NrcwAn1Z_9eMCghKNtgq0YhVHZlxHbPpnI7mYs-Po7fZUl4KJ4BgLaIYIUnJESVL81HwYNlgZLh6dMQzIBGjDf_Vjkmc-elyiluxw==
fundingchoicesmessages.google.com/el/
0
0

AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
fundingchoicesmessages.google.com/el/
0
0

sodar
ep1.adtrafficquality.google/getconfig/
0
0

favicon.png
vnsava.com/wp-content/uploads/2020/01/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVcOhg3VAB67PBoaTpgzBZ52G5Ae75hCHu69NrcwAn1Z_9eMCghKNtgq0YhVHZlxHbPpnI7mYs-Po7fZUl4KJ4BgLaIYIUnJESVL81HwYNlgZLh6dMQzIBGjDf_Vjkmc-elyiluxw==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxVew1eUlnwS3AjIUq0b-D7sGXMWMjqSmE0CxHjJgGTTkzMZJOooz_NgN_gKMJXEbUOLgjvnNcmXY7k5H_roYU0nfauIzLBqzJ67AV_-rvLSh0w8e9JRPGaWEXDCXb5F06wIWNienw==
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241030&st=env
Domain
vnsava.com
URL
https://vnsava.com/wp-content/uploads/2020/01/favicon.png

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| _wpemojiSettings function| jQuery function| gtag object| dataLayer object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError object| tdDateNamesI18n object| block_td_uid_1_672669af5a362 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| twemoji object| wp object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| $f object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjQwYWMxZmNiMTMzMGMwNGxvYWRlcl9qcw== string| ZjQwYWMxZmNiMTMzMGMwNGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag boolean| google_empty_script_included boolean| 68003dc7-0312-419f-803c-586819f36a70

29 Cookies

Domain/Path Name / Value
.vnsava.com/ Name: _ga_K64FNVXG4X
Value: GS1.1.1730570672.1.0.1730570672.0.0.0
.vnsava.com/ Name: _ga
Value: GA1.2.164609093.1730570672
.vnsava.com/ Name: _gid
Value: GA1.2.1606561740.1730570673
.vnsava.com/ Name: _gat_gtag_UA_158122614_1
Value: 1
.vnsava.com/ Name: __gads
Value: ID=2d85b69df39fd5a7:T=1730570672:RT=1730570672:S=ALNI_MaB2_2xGfJiKXB88JdlSOcgEBjixg
.vnsava.com/ Name: __gpi
Value: UID=00000f4f4f8b5603:T=1730570672:RT=1730570672:S=ALNI_MYPZmIc1YNdUL4NSzkfmk78SMG-UA
.vnsava.com/ Name: __eoi
Value: ID=4cc4887a91113670:T=1730570672:RT=1730570672:S=AA-AfjZThLwtlmMU1F-Fbxrq4xma
.casalemedia.com/ Name: CMPS
Value: 4733
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmzWxoo30Wuvr8wBY1wn-7l-sATxbDpT9Z3WDyFjMmtUJddS322ukXoCpNDU4U
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZyZps4sFVUgAAFm0ANxhFAAA
.casalemedia.com/ Name: CMPRO
Value: 4752
.blismedia.com/ Name: b
Value: 672669B34C0736E70D811282BLIS
.ladsp.com/ Name: cr
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBLNpJmcCEL3f1pnEmoS9myqWC6vSnDsFEgEBAQG7J2cwZwAAAAAA_eMAAA&S=AQAAAs6eJAoe3u2J6CSd0cSfSYo
.yahoo.co.jp/ Name: XA
Value: eu3hoq1jicqdj&sd=A&t=1730570675&u=1730570675&v=1
.yahoo.co.jp/ Name: XB
Value: eb83db86-9944-11ef-beb5-8753b8d661cf&v=6&u=1730570675&s=2r
.ladsp.com/ Name: smn_uid
Value: EAFdPLc6GCzN1JY_o4gyMCDtMs1h17Y
.ladsp.com/ Name: lum
Value: CNDOs_CuMhIFCAEQqAE
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2221E8F3C3-D92D-49B8-0717-24EC9403ECA4%22%7D
.vnsava.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-1jsdn_UE1dz9AjoxpFMpYpMSpY1GzBqQU295pbVEilpJL8Dq5JEXQQLdyoKXKYvqA0EmrDr3Leqt4q86GoPos9mQfcAcWDGQ2D4efY2jp9Uy9F6sDVZuHrwENiS8Wp0VX0uQAZaxDPd5by8yFJ32n1pdkZw%3D%3D%22%5D%5D
.turn.com/ Name: uid
Value: 2564481734687843846
.doubleclick.net/ Name: APC
Value: AfxxVi4cXJ3PsEwVq4Cw74-uhT0rnWOoufOXPeHwvXrv5ROpenUCJw
.ad-m.asia/ Name: uid
Value: 1ft4RZQ1eVa
.creativecdn.com/ Name: ts
Value: 1730570676
.creativecdn.com/ Name: g
Value: pd0h3KLTqGYr37MWK9ei_1730570676081
.gsspat.jp/ Name: gid
Value: 308f07c9740a6f77bc970dff50ccbde6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
vnsava.com
www.google-analytics.com
www.googletagmanager.com
ep1.adtrafficquality.google
fundingchoicesmessages.google.com
vnsava.com
142.250.204.3
142.250.66.194
172.217.24.34
172.217.24.40
172.217.24.42
172.217.24.46
202.134.241.110
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0379194edd870caf9f451b64eb3740671e1ac802c5ebb0fa53a03522ff5ed7f0
03f6841694c063652bfae377609e577122ecc3f4a9b8a01cf7671688857c5c3e
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
120a78ead766e9a8631aa5a7ab045cbf2989f6026df1c6f492ca2f818216779f
13c160a82b7a0e64e2697099031ffe11e82a1e5ab9773a58950669e147256d91
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
3697fb23491fe236bd948bebaba0a584cacf4667ca2bcebf8bcf175c4ca226e3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d34ac2be24d4ad2e29113554eb2eb0217af89b76ef6b068f6c826e544f3c899
3e8f8a1d4f1a37245c6b7acbaa44a6c04975d1e21b038f7128be586482ffe4b0
45de68d5ea3bb96656dcd125cd8e8ba153b2952fe44db7315252a42d6e76ea96
4db6f03dbc41b08a9d698ce1e400786d6a0c61a28f992e0a58bbd0e18a13b5b5
5358d3de2835d7f582dd7ee728db78be77a43e1d7b426c9c9bc35ae0f07e15bb
539d4b9004cf0a9303803ec8e3fc5818195cf21ded4d203415518fdea4d57b56
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5df068bf00b8bdab595db610341f93b961d9ace5d999c80630c113589d6f2588
6042ebe44f979bbedd28e04be70da6d811cb39792e1890f8fb173c2ffb3cd539
666d5c2b0e7ef0cc2c46675b88b5867ccb5cc6ec89a52b8da94caa68a6bf8d13
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b87b89d4f9856062e47d704aef82d84d18f6608f96159308bfbadcbd46c70c3
7364672bd763862a889fe900f5bb3abc22770c709eebd9f0064cd28833198530
765376402c1662f9456c85c6712339b6e8be5bf07fe700f77187c8b87a0d45a6
7ac5d4a6a356134e719c9decb781a6dd5544acd45b4355321bdb92becfbeea39
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e1665c180d7428b03bf96bc159408ca2291bcbeff3427a4697f5ffb4f68bddd
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
95f775a035404a0b3b12351a3fe75800796a346cb320fa6fe3460d83e1e4644e
97f759d55f6a1aa9453a1ea0433a1afe5361423c872ee479de8ef985b7ddeae6
9900ea717c7a6b05420b209a40aab5fbc9861f8f52729052dac9b8d84b166e12
9b2da7c38d34ace18801291959a5fc03c369f5bd2aea33cb488da61d9f39ff2f
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a4b5da2d5945b7298cf6a30212e45411c12ee24ccb8335f5943165c809645f0e
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
a82cf4c922189b14c3f7ebe5a2d8b6cea17ed594a92457095eb679a43ec1c738
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b6251a215d21a6b24853795db941fc1404fbb9be8e0d594c12a4dbc11358ba44
b78fcbd22498440f17cf4c720b98d73e060bc529720fbfe27ce2568be0bead80
c579aefbc3ef6f5ef17e31fedd89eecc654eabde2346a0c302c20c290e914efa
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
da86283c34030c89397605c7e7e43c3e9a649287087b5afed839332c87be3761
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2dfdd5557d850e6fef52050620e376085b4836e01f0a0708155a60bad04a888
e3a519926b31f12088098904d5ded69e3265abb8c2142aaae0f3ab4ced5f7467
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73e0bad1635a9b771b2ddc741064958880ebc9a0d90963cac6ea0445c0f7799
eac4073d5e986322d8d81d583859befc62099c14236ccb97b6311672c91d6696
eb78c477ad54f113858789553c8d6a570c0bb27a5a88bea27093923c21e29fe6
f293c140da2bad3773f39272ca880bcbecf0af5ec3a3e67fce96441449ea4810
ff099241aab30034b641871095d946669f5eebbd89988f4277c59399a28b151a
ffa1953b21fc0a4627185b7492b74e85589e6543584c6eeed143874eb5645dd4