urlscan.io logo urlscan.io
SecurityTrails logo

vov.vn Open in urlscan Pro
113.164.27.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-pos...
Submission: On August 12 via manual from VN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 8 countries across 69 domains to perform 357 HTTP transactions. The main IP is 113.164.27.165, located in Viet Nam and belongs to VNPT-AS-VN VNPT Corp, VN. The main domain is vov.vn. The Cisco Umbrella rank of the primary domain is 180931.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on October 20th 2021. Valid for: a year.
This is the only time vov.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 23 113.164.27.165 45899 (VNPT-AS-V...)
34 113.164.27.169 45899 (VNPT-AS-V...)
5 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 157.245.193.86 14061 (DIGITALOC...)
2 2a04:4e42:400... 54113 (FASTLY)
6 2a03:2880:f01... 32934 (FACEBOOK)
6 49.213.114.132 38244 (VINAGAME-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:214... 16509 (AMAZON-02)
3 212.124.124.8 47328 (TRI-AS Tr...)
1 69.192.109.53 16625 (AKAMAI-AS)
1 23.215.130.57 20940 (AKAMAI-ASN1)
1 120.138.69.5 38244 (VINAGAME-...)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
11 142.250.65.162 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 141.95.98.66 16276 (OVH)
1 5 23.106.127.48 59253 (LEASEWEB-...)
1 2600:9000:202... 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2600:9000:202... 16509 (AMAZON-02)
1 49.213.114.149 38244 (VINAGAME-...)
6 2607:f8b0:400... 15169 (GOOGLE)
32 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.102.146.192 15169 (GOOGLE)
24 2a02:2638::3 44788 (ASN-CRITE...)
1 54.200.17.135 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 143.204.146.36 16509 (AMAZON-02)
1 18.225.2.19 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
28 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
1 54.221.252.20 14618 (AMAZON-AES)
11 17 142.251.40.162 15169 (GOOGLE)
5 11 104.18.18.126 13335 (CLOUDFLAR...)
3 6 68.67.160.24 29990 (ASN-APPNEX)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
4 142.250.80.66 15169 (GOOGLE)
2 143.204.146.97 16509 (AMAZON-02)
2 107.178.244.119 15169 (GOOGLE)
2 2 151.101.130.49 54113 (FASTLY)
2 34.98.64.218 15169 (GOOGLE)
1 2 2600:1f18:4e9... 14618 (AMAZON-AES)
3 4 15.197.193.217 16509 (AMAZON-02)
3 2620:100:a001... 19750 (AS-CRITEO)
2 23.73.244.44 16625 (AKAMAI-AS)
6 10 69.173.151.100 26667 (RUBICONPR...)
2 2620:100:a001::3 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
3 74.119.119.147 19750 (AS-CRITEO)
2 2600:9000:214... 16509 (AMAZON-02)
5 74.119.119.149 19750 (AS-CRITEO)
2 74.119.119.150 19750 (AS-CRITEO)
2 3 52.46.151.131 16509 (AMAZON-02)
2 3 54.239.38.253 16509 (AMAZON-02)
1 1 35.190.60.146 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
11 74.119.119.137 19750 (AS-CRITEO)
10 13.33.60.8 16509 (AMAZON-02)
1 142.250.80.98 ()
357 71
23    113.164.27.165 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn
vov.vn
34    113.164.27.169 (Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)
PTR: static.vnpt.vn
media.vov.vn
5    2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2607:f8b0:4006:809::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:81e::200a (New York, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    157.245.193.86 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
client.trackpush.com
api.trackpush.com
user.trackpush.com
2    2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)
anymind360.com
6    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
6    49.213.114.132 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
sp.zalo.me
button-share.zalo.me
1    2606:4700:3033::6815:2c03 (United States)

ASN13335 (CLOUDFLARENET, US)
tinnhiemmang.vn
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:9000:2140:1200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
3    212.124.124.8 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., ES)
aj1559.online
1    69.192.109.53 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-53.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.215.130.57 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-57.deploy.static.akamaitechnologies.com
ced.sascdn.com
1    120.138.69.5 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
PTR: ptr.vng.vn
za.zdn.vn
4    2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2607:f8b0:4006:822::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
11    142.250.65.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
5    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu
id5-sync.com
5    23.106.127.48 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
adnetwork.adasiaholdings.com
1    2600:9000:202c:5e00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2606:4700:3037::6815:5492 (United States)

ASN13335 (CLOUDFLARENET, US)
countervov.emitech.vn
2    2600:9000:202c:fc00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    49.213.114.149 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
za.zalo.me
6    2607:f8b0:4006:81e::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
32    2607:f8b0:4006:81d::2001 (New York, United States)

ASN15169 (GOOGLE, US)
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    2606:4700:20::ac43:4b78 (United States)

ASN13335 (CLOUDFLARENET, US)
ui-avatars.com
1    34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
24    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    54.200.17.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-17-135.us-west-2.compute.amazonaws.com
id.sharedid.org
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    143.204.146.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-36.ewr52.r.cloudfront.net
tags.crwdcntrl.net
1    18.225.2.19 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-225-2-19.us-east-2.compute.amazonaws.com
prod.uidapi.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
28    2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
7    2607:f8b0:4006:81f::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:820::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
13    2607:f8b0:4006:807::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
1    54.221.252.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-252-20.compute-1.amazonaws.com
bcp.crwdcntrl.net
17    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
cm.g.doubleclick.net
11    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
6    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
googleads4.g.doubleclick.net
2    143.204.146.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-97.ewr52.r.cloudfront.net
choices.truste.com
2    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    2600:1f18:4e9:5a02:6caa:c6ef:9a61:2678 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
2    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
2    2600:9000:2140:a600:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
5    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.va.us.criteo.com
dis.criteo.com
3    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
11    74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com
pix.us.criteo.net
10    13.33.60.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-8.ewr52.r.cloudfront.net
choices.trustarc.com
1    142.250.80.98 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
57 vov.vn
vov.vn — Cisco Umbrella Rank: 180931
media.vov.vn — Cisco Umbrella Rank: 252402
4 MB
55 googlesyndication.com
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
ade.googlesyndication.com
295 KB
42 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
325 KB
40 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
csm.us.criteo.net — Cisco Umbrella Rank: 1915
pix.us.criteo.net — Cisco Umbrella Rank: 1936
430 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 401
ads.us.criteo.com — Cisco Umbrella Rank: 1876
rtb.va.us.criteo.com — Cisco Umbrella Rank: 4868
mug.criteo.com — Cisco Umbrella Rank: 2755
cat.va.us.criteo.com — Cisco Umbrella Rank: 2568
widget.va.us.criteo.com — Cisco Umbrella Rank: 4437
dis.criteo.com — Cisco Umbrella Rank: 699
142 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
489 KB
12 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 707
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
16 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
r.casalemedia.com Failed
10 KB
11 google.com
analytics.google.com — Cisco Umbrella Rank: 501
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
1 KB
10 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 724
36 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
551 KB
7 zalo.me
sp.zalo.me — Cisco Umbrella Rank: 31658
button-share.zalo.me — Cisco Umbrella Rank: 41490
za.zalo.me — Cisco Umbrella Rank: 31037
147 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 288
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264
5 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
6 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
259 KB
6 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3853
google-bidout-d.openx.net — Cisco Umbrella Rank: 3639
us-u.openx.net — Cisco Umbrella Rank: 396
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
ajax.googleapis.com — Cisco Umbrella Rank: 267
35 KB
5 adasiaholdings.com
adnetwork.adasiaholdings.com — Cisco Umbrella Rank: 61531
3 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
43 KB
5 trackpush.com
client.trackpush.com — Cisco Umbrella Rank: 173355
api.trackpush.com — Cisco Umbrella Rank: 120244
user.trackpush.com — Cisco Umbrella Rank: 122525
30 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
2 KB
4 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 557
280 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
29 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 43564
get.optad360.io — Cisco Umbrella Rank: 25239
210 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 541
cdn.id5-sync.com — Cisco Umbrella Rank: 1443
14 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
29 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 aj1559.online
aj1559.online — Cisco Umbrella Rank: 77593
15 KB
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 568
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com Failed
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 623
616 B
2 sojern.com
beacon.sojern.com — Cisco Umbrella Rank: 4548
285 B
2 truste.com
choices.truste.com — Cisco Umbrella Rank: 722
18 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1275
bcp.crwdcntrl.net — Cisco Umbrella Rank: 834
30 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
87 KB
2 anymind360.com
anymind360.com — Cisco Umbrella Rank: 17324
101 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
570 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 611
idsync.rlcdn.com Failed
439 B
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 6484
5 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 5604
904 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 4006
8 KB
1 ui-avatars.com
ui-avatars.com — Cisco Umbrella Rank: 54624
1 KB
1 emitech.vn
countervov.emitech.vn — Cisco Umbrella Rank: 533947
669 B
1 zdn.vn
za.zdn.vn — Cisco Umbrella Rank: 37566
8 KB
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9357
32 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 496
simage2.pubmatic.com Failed
76 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2350
41 KB
1 tinnhiemmang.vn
tinnhiemmang.vn — Cisco Umbrella Rank: 95168
23 KB
0 postrelease.com Failed
jadserve.postrelease.com Failed
0 bing.com Failed
c.bing.com Failed
0 ivitrack.com Failed
matching.ivitrack.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 omnitagjs.com Failed
visitor.omnitagjs.com Failed
0 socdm.com Failed
tg.socdm.com Failed
0 yieldlab.net Failed
ad.yieldlab.net Failed
0 3lift.com Failed
eb2.3lift.com Failed
0 teads.tv Failed
criteo-sync.teads.tv Failed
0 taboola.com Failed
sync-t1.taboola.com Failed
0 smartadserver.com Failed
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605 Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 mediavine.com Failed
exchange.mediavine.com Failed
0 media.net Failed
contextual.media.net Failed
0 360yield.com Failed
ad.360yield.com Failed
0 adscale.de Failed
ih.adscale.de Failed
0 mediawallahscript.com Failed
partner.mediawallahscript.com Failed
0 bidswitch.net Failed
x.bidswitch.net — Cisco Umbrella Rank: 292 Failed
0 eyeota.net Failed
ps.eyeota.net — Cisco Umbrella Rank: 1014 Failed
357 69
Domain Requested by
34 media.vov.vn vov.vn
media.vov.vn
25 tpc.googlesyndication.com vov.vn
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
24 static.criteo.net securepubads.g.doubleclick.net
ads.us.criteo.com
23 vov.vn 16 redirects vov.vn
22 pagead2.googlesyndication.com vov.vn
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
securepubads.g.doubleclick.net
17 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
google-bidout-d.openx.net
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
13 s0.2mdn.net f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
googleads.g.doubleclick.net
vov.vn
s0.2mdn.net
11 pix.us.criteo.net ads.us.criteo.com
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
11 securepubads.g.doubleclick.net anymind360.com
securepubads.g.doubleclick.net
vov.vn
10 choices.trustarc.com choices.truste.com
vov.vn
choices.trustarc.com
9 www.googletagmanager.com vov.vn
www.googletagmanager.com
7 www.google.com f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 token.rubiconproject.com 4 redirects f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
6 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
ads.us.criteo.com
6 www.googletagservices.com f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
5 csm.us.criteo.net ads.us.criteo.com
5 googleads.g.doubleclick.net f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
vov.vn
5 adnetwork.adasiaholdings.com 1 redirects vov.vn
5 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
5 fonts.googleapis.com vov.vn
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
cdnjs.cloudflare.com
4 pixel.rubiconproject.com 2 redirects f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
ads.us.criteo.com
4 match.adsrvr.org 3 redirects ads.pubmatic.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
vov.vn
4 static.xx.fbcdn.net www.facebook.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdnjs.cloudflare.com vov.vn
ads.us.criteo.com
3 aax-eu.amazon-adsystem.com 2 redirects vov.vn
3 s.amazon-adsystem.com 2 redirects vov.vn
3 cat.va.us.criteo.com ads.us.criteo.com
3 ads.us.criteo.com f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
3 us-u.openx.net google-bidout-d.openx.net
3 button-share.zalo.me sp.zalo.me
button-share.zalo.me
3 analytics.google.com www.googletagmanager.com
3 www.facebook.com vov.vn
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 aj1559.online vov.vn
aj1559.online
3 sp.zalo.me vov.vn
button-share.zalo.me
2 d.agkn.com ads.us.criteo.com
2 rtb.va.us.criteo.com vov.vn
2 eus.rubiconproject.com f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
eus.rubiconproject.com
2 pr-bh.ybp.yahoo.com 1 redirects google-bidout-d.openx.net
2 sync-tm.everesttech.net 2 redirects
2 beacon.sojern.com f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
2 choices.truste.com googleads.g.doubleclick.net
s0.2mdn.net
2 gum.criteo.com 1 redirects static.criteo.net
ads.us.criteo.com
vov.vn
2 oajs.openx.net 1 redirects vov.vn
2 get.optad360.io aj1559.online
get.optad360.io
2 user.trackpush.com api.trackpush.com
2 id5-sync.com ced.sascdn.com
cdn.id5-sync.com
2 cdn.jsdelivr.net anymind360.com
get.optad360.io
2 api.trackpush.com vov.vn
2 connect.facebook.net vov.vn
connect.facebook.net
2 anymind360.com vov.vn
anymind360.com
1 ade.googlesyndication.com
1 dis.criteo.com ads.us.criteo.com
1 px.ads.linkedin.com f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
1 id.rlcdn.com 1 redirects
1 widget.va.us.criteo.com ads.us.criteo.com
1 mug.criteo.com vov.vn
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.gstatic.com f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 ui-avatars.com vov.vn
1 adservice.google.com securepubads.g.doubleclick.net
1 za.zalo.me za.zdn.vn
1 countervov.emitech.vn media.vov.vn
1 cmp.optad360.io aj1559.online
1 za.zdn.vn sp.zalo.me
1 ced.sascdn.com anymind360.com
1 ads.pubmatic.com anymind360.com
1 cdn.jwplayer.com vov.vn
1 tinnhiemmang.vn vov.vn
1 client.trackpush.com vov.vn
1 ajax.googleapis.com vov.vn
0 jadserve.postrelease.com Failed ads.us.criteo.com
0 c.bing.com Failed ads.us.criteo.com
0 idsync.rlcdn.com Failed ads.us.criteo.com
0 matching.ivitrack.com Failed ads.us.criteo.com
0 ads.stickyadstv.com Failed ads.us.criteo.com
0 visitor.omnitagjs.com Failed ads.us.criteo.com
0 tg.socdm.com Failed ads.us.criteo.com
0 ad.yieldlab.net Failed ads.us.criteo.com
vov.vn
0 ups.analytics.yahoo.com Failed ads.us.criteo.com
0 eb2.3lift.com Failed ads.us.criteo.com
0 criteo-sync.teads.tv Failed ads.us.criteo.com
0 sync-t1.taboola.com Failed ads.us.criteo.com
0 rtb-csync.smartadserver.com Failed ads.us.criteo.com
0 match.sharethrough.com Failed ads.us.criteo.com
0 simage2.pubmatic.com Failed ads.us.criteo.com
0 sync.outbrain.com Failed ads.us.criteo.com
0 exchange.mediavine.com Failed ads.us.criteo.com
0 contextual.media.net Failed ads.us.criteo.com
0 ad.360yield.com Failed ads.us.criteo.com
0 r.casalemedia.com Failed ads.us.criteo.com
0 ih.adscale.de Failed ads.us.criteo.com
0 partner.mediawallahscript.com Failed ads.us.criteo.com
0 x.bidswitch.net Failed ads.us.criteo.com
0 ps.eyeota.net Failed vov.vn
357 105
Subject Issuer Validity Valid
*.vov.vn
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-10-20 -
2022-11-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.trackpush.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-11 -
2023-06-29		 a year crt.sh
anymind360.com
R3		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-21 -
2022-08-19		 3 months crt.sh
*.zalo.me
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-03 -
2023-07-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-02-06 -
2023-02-06		 a year crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
aj1559.online
R3		 2022-06-27 -
2022-09-25		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.zdn.vn
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-06 -
2022-09-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.adasiaholdings.com
Go Daddy Secure Certificate Authority - G2		 2022-05-15 -
2023-05-13		 a year crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-16 -
2023-01-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-28 -
2022-10-22		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-05 -
2022-10-30		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-23 -
2022-09-19		 3 months crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh

This page contains 31 frames:

Primary Page: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Frame ID: 697D8264080D0638FF7D80AE5A1C1967
Requests: 122 HTTP requests in this frame

Frame: https://button-share.zalo.me/share_inline?id=7a7ff4de-a3a8-4b39-acb4-7c2f91655d21&layout=3&color=white&customize=true&width=0px&height=0px&isDesktop=false&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&d=eyJ1cmwiOiJodHRwczovL3Zvdi52bi90aGUtZ2lvaS9oby1zby9hemVyYmFpamFuLXRhbS1kaWVtLWNoaWVuLWx1b2MtZGF1LWtoaS1jdWEtbXktdHJvbmctYm9pLWNhbmgteHVuZy1kb3QtdWtyYWluZS1wb3N0OTU4NDQ4LnZvdiJ9&shareType=0
Frame ID: DDAE414FB43E5CEC4E0318EF0168CA11
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=2231789990407982&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e5a4e7aa9fc64%26domain%3Dvov.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvov.vn%252Ff177c29a8c9db2c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=
Frame ID: 85D8B05283306B4209186AEDAD09E742
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=2231789990407982&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dcea963c4a67c%26domain%3Dvov.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvov.vn%252Ff177c29a8c9db2c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbaodientuvov.vn%2F&layout=standard&locale=en_US&sdk=joey&share=false&size=large&width=300
Frame ID: 66B9CA0E4A08CE9AACC72A2223F8992A
Requests: 3 HTTP requests in this frame

Frame: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 31DF12E9609941601E285CCD29341D24
Requests: 1 HTTP requests in this frame

Frame: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F37B11C660E3C57C6DDE03EA6AAD9653
Requests: 4 HTTP requests in this frame

Frame: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D14A072F85B520C7B2EC5C20D4156BC7
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPeBDRCI53MYoMnOnQEwAQ&v=APEucNXBMbixtjrE6w87RBkcVHe9FGOZNo-UymJYaIKCdhl9mrMJipoNTWVXXRf0rQ7T-lIFMn5WxsOt2lucTZQsTzgOniWFxg
Frame ID: 93FD73145259404C62E12F8242796362
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/abg_lite_fy2021.js
Frame ID: 201A9A1ED219A945DA2323394E2A00CD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDM7bECGNSVpMoBMAE&v=APEucNXGVksMebNWbddsWpl-FXPM9Of1pLjjBpjGWhXmqJYf3FA5P1kAmGlGe0x2a3dFhq1BaAzLKCFgn6YdCnNi4c7_zcTkWQ
Frame ID: E3DEA8634F70D41BFF31DCF73D0214E7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 27AAF85D40260D8F626DDB6C1FD174D5
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A8D42203DA466FA035B443C929022F13
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=vov.vn
Frame ID: 3BD54C959F3FF2A732FB18059B95141B
Requests: 2 HTTP requests in this frame

Frame: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3B7B5BEEC8DA0C9BFF37560CE426EBBF
Requests: 9 HTTP requests in this frame

Frame: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B7C32100E6BB364C2D3FAFFDB582298
Requests: 8 HTTP requests in this frame

Frame: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5598F8E78D46D339FF46C893737D1468
Requests: 21 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Frame ID: C874AC645E152475D0508BC5343C65AD
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Frame ID: 4C1DF5C7F5B251F7661B1FE5EAB0D13A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A2E74A8490E2EC0D1222416360CD8145
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Frame ID: E186F8C88E7CFF0F4F91864553FF6C69
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCEm14Y_8G9zgEwAQ&v=APEucNWZBRvtf7eDkzbB1DHWPh3Lkm5KP0XCH9iJ2nG0aaIjFRX0xkrzBZuFoD7jxv5OGyrOpnh9ujaNNJKhP_ColHGiLgGrpw
Frame ID: A1C0E6A7E4711D9DE868C60421079A01
Requests: 5 HTTP requests in this frame

Frame: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4572175E7D71826F974709C87C9C25E0
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Frame ID: D1DD0243F698293465AE213C2EFEA5FC
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Frame ID: 5C3DBF04F723647E2E8B9C414F74AB7D
Requests: 10 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=62f5a3192260a613e56aeb76fc84f27d
Frame ID: 4ED9EB9337310E66EA0E59E458D90DA0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 098603CE5C8389AF9E04C105ABE18809
Requests: 3 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k--GZDgq2BgMou1tZZN2gaRWG1bxkymt-cYK5SqA&expires=30
Frame ID: 982291175D2693C3204B7578B824F952
Requests: 30 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 184C77A3ED286FC607A6BD2DF12F50F0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9138423C8299F32086A01BF459A35D94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6984E762F08915B33B8B6BAE419ECAB
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 0A00AEE94532EB2FB0CD1C006E6480A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Azerbaijan - tâm điểm chiến lược dầu khí của Mỹ trong bối cảnh xung đột Ukraine

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

357
Requests

80 %
HTTPS

44 %
IPv6

69
Domains

105
Subdomains

71
IPs

8
Countries

8350 kB
Transfer

14364 kB
Size

112
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://vov.vn/themes/custom/vovvn/logo.svg HTTP 302
  • https://media.vov.vn/themes/custom/vovvn/logo.svg
Request Chain 20
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-07/duong+ong+khi+dot+-The+Hill.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-07/duong+ong+khi+dot+-The+Hill.jpg
Request Chain 21
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-07/tong+thong+Nga+Putin+-Haaretz.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-07/tong+thong+Nga+Putin+-Haaretz.jpg
Request Chain 22
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+duong+ong+van+khoa+-Onurdongel.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+duong+ong+van+khoa+-Onurdongel.jpg
Request Chain 23
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-05/khai+thac+dau+mo+Nga+-bloomberg.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khai+thac+dau+mo+Nga+-bloomberg.jpg
Request Chain 24
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+-pixnio.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+-pixnio.jpg
Request Chain 25
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-03/Azerbaijan+cung+cap+dau+khi+thay+Nga+cho+chau+Au+xuyen+Adriatic+-asia+times.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-03/Azerbaijan+cung+cap+dau+khi+thay+Nga+cho+chau+Au+xuyen+Adriatic+-asia+times.jpg
Request Chain 26
  • https://vov.vn/sites/default/files/styles/front_large/public/2020-10/Azerbaijan-Gruzia-Tho+Nhi+Ky%2C+duong+ong+dau+khi%2C+-Thomas+Blomberg.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2020-10/Azerbaijan-Gruzia-Tho+Nhi+Ky%2C+duong+ong+dau+khi%2C+-Thomas+Blomberg.jpg
Request Chain 27
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-05/Putin+doa+khoa+van+khi+dot+voi+nhung+nuoc+khong+chiu+thanh+toan+bang+rup+-insideGermany.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/Putin+doa+khoa+van+khi+dot+voi+nhung+nuoc+khong+chiu+thanh+toan+bang+rup+-insideGermany.jpg
Request Chain 28
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/UAV+Tho+Nhi+Ky+TB2+dau+tren+san+bay+-Anadolu.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/UAV+Tho+Nhi+Ky+TB2+dau+tren+san+bay+-Anadolu.jpg
Request Chain 29
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/tay_ban_nha.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/tay_ban_nha.jpg
Request Chain 30
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/dien+thoai+thong+minh+Trung+Quoc+Xiaomi+o+An+Do+-afp.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/dien+thoai+thong+minh+Trung+Quoc+Xiaomi+o+An+Do+-afp.jpg
Request Chain 31
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/han_quoc5.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/han_quoc5.jpg
Request Chain 32
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/Cover+China+Nato.jpg HTTP 302
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/Cover+China+Nato.jpg
Request Chain 33
  • https://vov.vn/themes/custom/vovvn/images/marker/emagazine.png HTTP 302
  • https://media.vov.vn/themes/custom/vovvn/images/marker/emagazine.png
Request Chain 34
  • https://vov.vn/themes/custom/vovvn/images/logo/logo-white.png HTTP 302
  • https://media.vov.vn/themes/custom/vovvn/images/logo/logo-white.png
Request Chain 83
  • https://adnetwork.adasiaholdings.com/2060/call HTTP 307
  • https://adnetwork.adasiaholdings.com/2060/call?cklb=1
Request Chain 101
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*i7O0jseDUoXwLn6FuoBC9iWpdMIhKEIVY9U4iS4MzH0edyFF4_D7l6R1ypArQMRJ&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOFnirRCHVh0Rre7s39FKNA_DTu9SyLsFI__c1vA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/7/2.gif?puid=6887161019344777123&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F102%2F2%2F6%2F3.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/2/6/3.gif?puid=7186466054594036066&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOFnirRCHVh0Rre7s39FKNA_DTu9SyLsFI__c1vA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/3/5/4.gif?puid=b31562f5-a319-4300-b731-d61b689c0963&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&ttl=%%TTL%% HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAARd07F60YAAA99VNYjCQ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/2/7.gif?puid=4031305998091369521&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/104/1/8.gif?puid=&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 126
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&rid=esp&cc=1
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Request Chain 156
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvWjGXEaGrshXuHbOhvpzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
Request Chain 158
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Request Chain 160
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvWjGXEaGrshXuHbOhvpzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
Request Chain 162
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Request Chain 171
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YvWjGQAFwv6fIQBC HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvWjGQAFwv6fIQBC&_test=YvWjGQAFwv6fIQBC
Request Chain 173
  • https://match.adsrvr.org/track/cmf/openx?oxid=5320e166-7209-74d5-ed89-891c8686635f&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=5320e166-7209-74d5-ed89-891c8686635f&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&ttd_puid=5320e166-7209-74d5-ed89-891c8686635f&gdpr=0&gdpr_consent=
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECaSRNoPo01wRvmxe5wHNGg&google_cver=1
Request Chain 206
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=vov.vn&sn=ChromeSyncframe&so=0&topUrl=vov.vn&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ex-U33x5WEdHYVptOGpaOGpXbHhJWmJDYXZUbUliZjBpclM3TTBaNENWRW9IK1lUZ2ZSKzc4cmxMTyt6NHQ3QlpGNkZJeW9tMUpaLzRwU203dEZSZHYweEhpSE04SGY5Sy9ub2orTDYvVlVoSTBENEdmdi9SbGU3ZThrY0lsNFFrZVZ4VE1ORzhMdU9NbnVGS1cvazhXZ0lneGpyeG1Ib1dkOExDRUlhbU95blpaMHhNVXFiZ09nRUR4Yzk5WkhTNFEwbE1NL3c1QW9IQmJISnpyVlRrZ2ZXMHllK2JoeXRBOW0xS0x1VzlFcE1QNFBpRTEybVBKZ1N3NEM4dWxjbHh5dUs3cnFSSGNRc2J0dFVCeUZvZmxyU0xuZz09fA&cppv=2
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Request Chain 212
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvWjGXEaGrshXuHbOhvpzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
Request Chain 214
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Request Chain 252
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTFmNGY0MzNlZWRhMGJlYjNmYmJjMTcxZjhkZGY5Yzg1YTU2YjdmZg
Request Chain 253
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZANblPmyQkOuMGNlgSqCxg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZANblPmyQkOuMGNlgSqCxg
Request Chain 254
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&gdpr=0&gdpr_consent=&expires=30
Request Chain 255
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=36uvk6_qSmWxZT4GSqu8uQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=36uvk6_qSmWxZT4GSqu8uQ
Request Chain 256
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQUjIyS1MtUy05OTg2
Request Chain 257
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 258
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EQwEkHn49QotrJNqiB2pMA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7112488264129755622
Request Chain 259
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6PR22KS-S-9986
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-kxR4_62BgMou1tZZN2gaRWG1bxlf7EBsNCvSSA&google_cm&google_hm=ay1reFI0XzYyQmdNb3UxdFpaTjJnYVJXRzFieGxmN0VCc05DdlNTQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-kxR4_62BgMou1tZZN2gaRWG1bxlf7EBsNCvSSA&google_gid=CAESEEkeqa662BByZhuCWq009PY&google_cver=1&google_ula=913071,0

357 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
vov.vn/the-gioi/ho-so/ 		113 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
openresty/1.13.6.1 /
Resource Hash
5c2a8a5dbe48a5c3662ee74f56b39cfd84ec88fee38d826dc56c0a399e25934d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Aug 2022 00:47:10 GMT
Server
openresty/1.13.6.1
Transfer-Encoding
chunked
X-Cache
MISS
css_9DOmHaMcYRY3IebXTrBAceuegLLCsI2K4mvpQTblA_g.css
media.vov.vn/sites/default/files/css/ 		111 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.vov.vn/sites/default/files/css/css_9DOmHaMcYRY3IebXTrBAceuegLLCsI2K4mvpQTblA_g.css?rgcxdi
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
f433a61da31c61163721e6d74eb04071eb9e80b2c2b08d8ae26be94136e503f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:16 GMT
Last-Modified
Mon, 11 Jul 2022 17:11:27 GMT
ETag
"62cc59bf-1bd2d"
X-Cache
HIT1
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, private
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
113965
css
fonts.googleapis.com/ 		10 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&subset=latin-ext,vietnamese
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d9a4ca0188d78f1cc6eb5ad0033760e1786ca08a50215ac469df1d273571d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 00:47:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 00:47:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 00:47:10 GMT
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80409232f9b582176708c318dcc20882d2a456174e693bbf882b242b870bf26a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 00:39:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 00:47:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 00:47:10 GMT
css2
fonts.googleapis.com/ 		10 KB
974 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f0d7a00a828fe1f8853436d4c8881a2e4d40f7a9bb3311c0b2111776b8a73f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 23:12:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 00:47:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 00:47:10 GMT
css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css
media.vov.vn/sites/default/files/css/ 		219 KB
220 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
b9ff86039d12c6b5563b49c5431ce341656a7638d6b661b6ea1c59920faffc34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:16 GMT
Last-Modified
Mon, 11 Jul 2022 17:06:51 GMT
ETag
"62cc58ab-36c90"
X-Cache
HIT1
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, private
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
224400
material-design-iconic-font.min.css
media.vov.vn/themes/custom/vovvn/css/ 		69 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.vov.vn/themes/custom/vovvn/css/material-design-iconic-font.min.css?rgcxdi
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:16 GMT
Last-Modified
Tue, 09 Aug 2022 14:23:44 GMT
ETag
"62f26df0-1149f"
X-Cache
HIT1
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, private
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
70815
css_94r_fYUbiiv5fOQhk6XSi5H7xQF-jcm5HZ3I_S4DDRM.css
media.vov.vn/sites/default/files/css/ 		568 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.vov.vn/sites/default/files/css/css_94r_fYUbiiv5fOQhk6XSi5H7xQF-jcm5HZ3I_S4DDRM.css?rgcxdi
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
f78aff7d851b8a2bf97ce42193a5d28b91fbc5017e8dc9b91d9dc8fd2e030d13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:16 GMT
Last-Modified
Mon, 11 Jul 2022 17:07:12 GMT
ETag
"62cc58c0-238"
X-Cache
HIT1
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, private
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
568
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-309591-8
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8602f1e2bf75f91cda056da7bf9e9ba25840cdc28f7c327c442491be99c5d1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41899
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Aug 2022 00:47:18 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-172506091-1
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ffd295700beb834726042d3b7c849e3e787ca36fbf94235d198390ffa8dad6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41915
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Aug 2022 00:47:18 GMT
js
www.googletagmanager.com/gtag/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQWXBHQSVE
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
433eedd2f9e1d5a257fcce47fa5b22c6cfd84d18b935a56c9233c87a95e74e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72379
x-xss-protection
0
expires
Fri, 12 Aug 2022 00:47:18 GMT
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R0R7MNMHTC
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2aa2e2d8593bfe09b1b748fe5fe725d86b0a11ddd678c76c0bfc3a89f343401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72884
x-xss-protection
0
expires
Fri, 12 Aug 2022 00:47:18 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 07:24:03 GMT
openchrome.js
client.trackpush.com/ 		657 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.trackpush.com/openchrome.js?v=1.0
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.245.193.86 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6332ba57848f230dceb8ca8fdaaec27ceda6ec9813d08d9cc25724263d5a33a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
public
Date
Fri, 12 Aug 2022 00:47:11 GMT
Last-Modified
Wed, 13 Apr 2022 04:24:45 GMT
Server
nginx
ETag
"6256508d-291"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=600, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
657
Expires
Fri, 12 Aug 2022 00:57:11 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9VC6FCZGVJ
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f667ba6c4932c2393003a64ef56322a5cc9c7de1749d7c9c080d84de2d3b1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73896
x-xss-protection
0
expires
Fri, 12 Aug 2022 00:47:18 GMT
ats.js
anymind360.com/js/4594/ 		157 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/4594/ats.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9302a19a0ed688404b8bf49f31bd4f6390787f5e722242d5adf98030b3e5738e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:10 GMT
content-encoding
gzip
age
100234
x-guploader-uploadid
ADPycdsrWmo93snUcT9jgwfUV1ovEQ_5cuNYyF5iQ_ePSWBdEl_2hHJn8y58c6aY9XNbtjwEzYb4SlWFBA_7ypf7QcTOoQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
37132
x-served-by
cache-tyo11949-TYO, cache-mia11377-MIA
access-control-allow-origin
*
expires
Wed, 10 Aug 2022 20:56:36 GMT
last-modified
Mon, 08 Aug 2022 05:44:23 GMT
server
UploadServer
x-timer
S1660265230.356739,VS0,VE1
etag
"0fab6a95ddc8758f4cdac04fb2cb727e"
vary
Accept-Encoding
x-goog-hash
crc32c=dixOsA==, md5=D6tqld3IdY9M2sBPsstyfg==
x-goog-generation
1659937463708163
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
37132
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-cache-hits
1, 1
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eeefc979d471d56bf055ad4baa0a9d8f663f32326b6d0171bb9b1737af25983c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://vov.vn/
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
JF3iKKCd1ehluHL6r3VLkQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
VHZDlPBCUiVb2rmBDqE7RpIjQ7DKTcV/1L8JT+Q9fv0pjs2BrM7WhNpie9MEZJqWErYXRwrdcCyjz6uOxfIG+A==
x-fb-trip-id
1512268381
x-fb-content-md5
56ed863b0f5e29360155ec42c8f2573c
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 12 Aug 2022 00:47:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a4be9941544e26a08152fa71443fa0c6"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Aug 2022 00:57:19 GMT
sdk.js
sp.zalo.me/plugins/ 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sp.zalo.me/plugins/sdk.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
20edc379e39d60fe077b2cffad678c37686f5a2984cda7cb0ad424232484b67d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:11 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
server
za-ngx-srv
etag
cbc6013bb2eeee269197cfbcfe0d1818--gzip
strict-transport-security
max-age=86400
content-type
text/javascript;charset=utf-8
logo.svg
media.vov.vn/themes/custom/vovvn/
Redirect Chain
  • https://vov.vn/themes/custom/vovvn/logo.svg
  • https://media.vov.vn/themes/custom/vovvn/logo.svg
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/logo.svg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
3a482fa256d60f77147c02d3e17ae7aa8662601bd2aa6bef45801c825551e665

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-10d6"
X-Cache
HIT
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
4310

Redirect headers

Location
https://media.vov.vn/themes/custom/vovvn/logo.svg
Date
Fri, 12 Aug 2022 00:47:18 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
Azerbaijan-Gruzia-Tho%20Nhi%20Ky%2C%20duong%20ong%20dau%20khi%2C%20-Thomas%20Blomberg.jpg
media.vov.vn/sites/default/files/styles/large/public/2020-10/ 		413 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/large/public/2020-10/Azerbaijan-Gruzia-Tho%20Nhi%20Ky%2C%20duong%20ong%20dau%20khi%2C%20-Thomas%20Blomberg.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
806647740005d961ce28ec61f72cb3b5058b0bd81469c7273b5a7cc01eb7bd82
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Wed, 14 Oct 2020 10:13:58 GMT
ETag
"5f86cf66-67541"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
true
X-Cache
HIT1
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1659337191
Content-Length
423233
X-XSS-Protection
1; mode=block
Expires
Mon, 08 Aug 2022 08:31:47 GMT
duong%20ong%20khi%20dot%20-The%20Hill.jpg
media.vov.vn/sites/default/files/styles/entity_browser_thumbnail/public/2022-07/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/entity_browser_thumbnail/public/2022-07/duong%20ong%20khi%20dot%20-The%20Hill.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
6d4f2336f8e07d11dd3faf5ddaa4a30544fa03fd4f6019b03c0002536c6487ca
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Fri, 22 Jul 2022 09:31:39 GMT
ETag
"62da6e7b-eac1"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800, private
Access-Control-Allow-Credentials
true
X-Cache
HIT1
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1659337191
Content-Length
60097
X-XSS-Protection
1; mode=block
Expires
Mon, 08 Aug 2022 07:17:24 GMT
duong+ong+khi+dot+-The+Hill.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-07/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-07/duong+ong+khi+dot+-The+Hill.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-07/duong+ong+khi+dot+-The+Hill.jpg
230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-07/duong+ong+khi+dot+-The+Hill.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
6356c51df7acc5561abc7b82f4ec4df73009c61aaa94499272e581fb0104b7fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:19 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
235552
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Fri, 22 Jul 2022 09:37:15 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-07/duong+ong+khi+dot+-The+Hill.jpg
Date
Fri, 12 Aug 2022 00:47:18 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
tong+thong+Nga+Putin+-Haaretz.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-07/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-07/tong+thong+Nga+Putin+-Haaretz.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-07/tong+thong+Nga+Putin+-Haaretz.jpg
171 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-07/tong+thong+Nga+Putin+-Haaretz.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
50318eb78e0128f216af4f358ba85c43373351893efa2f682320690c0ef8499b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:19 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
175540
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Mon, 18 Jul 2022 08:37:47 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-07/tong+thong+Nga+Putin+-Haaretz.jpg
Date
Fri, 12 Aug 2022 00:47:18 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
khi+dot+duong+ong+van+khoa+-Onurdongel.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-05/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+duong+ong+van+khoa+-Onurdongel.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+duong+ong+van+khoa+-Onurdongel.jpg
192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+duong+ong+van+khoa+-Onurdongel.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
0a33d6ab75f6282378f5009e2c25a6c4690d93d57f265eab8a73c1b8c303afee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:19 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
196187
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Tue, 03 May 2022 04:28:36 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+duong+ong+van+khoa+-Onurdongel.jpg
Date
Fri, 12 Aug 2022 00:47:18 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
khai+thac+dau+mo+Nga+-bloomberg.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-05/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-05/khai+thac+dau+mo+Nga+-bloomberg.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khai+thac+dau+mo+Nga+-bloomberg.jpg
221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khai+thac+dau+mo+Nga+-bloomberg.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
a5ad33a8eea9b09b6f523826ba2a52699b57c8add74fda41b2017120636bde36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:19 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
226150
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Sun, 08 May 2022 23:31:56 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khai+thac+dau+mo+Nga+-bloomberg.jpg
Date
Fri, 12 Aug 2022 00:47:19 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
khi+dot+-pixnio.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-05/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+-pixnio.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+-pixnio.jpg
135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+-pixnio.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
935a893f16da16e86d0317d745376706809bc854d59085b6f7cbfdf79a538ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:19 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
138314
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Tue, 03 May 2022 08:53:30 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/khi+dot+-pixnio.jpg
Date
Fri, 12 Aug 2022 00:47:19 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
Azerbaijan+cung+cap+dau+khi+thay+Nga+cho+chau+Au+xuyen+Adriatic+-asia+times.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-03/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-03/Azerbaijan+cung+cap+dau+khi+thay+Nga+cho+chau+Au+xuyen+Adriatic+-asia+times.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-03/Azerbaijan+cung+cap+dau+khi+thay+Nga+cho+chau+Au+xuyen+Adriatic+-asia+times.jpg
183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-03/Azerbaijan+cung+cap+dau+khi+thay+Nga+cho+chau+Au+xuyen+Adriatic+-asia+times.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
e2e8812c842a9bc9445c56d5f3276a9f5b7cfd237e78f4244f69bc0636440fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
187423
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Wed, 02 Mar 2022 23:31:17 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-03/Azerbaijan+cung+cap+dau+khi+thay+Nga+cho+chau+Au+xuyen+Adriatic+-asia+times.jpg
Date
Fri, 12 Aug 2022 00:47:19 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
Azerbaijan-Gruzia-Tho+Nhi+Ky%2C+duong+ong+dau+khi%2C+-Thomas+Blomberg.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2020-10/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2020-10/Azerbaijan-Gruzia-Tho+Nhi+Ky%2C+duong+ong+dau+khi%2C+-Thomas+Blomberg.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2020-10/Azerbaijan-Gruzia-Tho+Nhi+Ky%2C+duong+ong+dau+khi%2C+-Thomas+Blomberg.jpg
185 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2020-10/Azerbaijan-Gruzia-Tho+Nhi+Ky%2C+duong+ong+dau+khi%2C+-Thomas+Blomberg.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
9b7a626aa9907df69a454ef83cd3605265ef2671522307c5ce21b0414abfe50a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
189800
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Wed, 14 Oct 2020 23:32:59 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2020-10/Azerbaijan-Gruzia-Tho+Nhi+Ky%2C+duong+ong+dau+khi%2C+-Thomas+Blomberg.jpg
Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
Putin+doa+khoa+van+khi+dot+voi+nhung+nuoc+khong+chiu+thanh+toan+bang+rup+-insideGermany.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-05/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-05/Putin+doa+khoa+van+khi+dot+voi+nhung+nuoc+khong+chiu+thanh+toan+bang+rup+-insideGermany.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/Putin+doa+khoa+van+khi+dot+voi+nhung+nuoc+khong+chiu+thanh+toan+bang+rup+-insideGermany.jpg
200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/Putin+doa+khoa+van+khi+dot+voi+nhung+nuoc+khong+chiu+thanh+toan+bang+rup+-insideGermany.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
6a49235d2b9eea91b2c07354015ee12542e88b3275fbc9f6f2cc4aa2eef6cbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
205148
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Sun, 01 May 2022 23:32:10 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-05/Putin+doa+khoa+van+khi+dot+voi+nhung+nuoc+khong+chiu+thanh+toan+bang+rup+-insideGermany.jpg
Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
UAV+Tho+Nhi+Ky+TB2+dau+tren+san+bay+-Anadolu.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-08/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/UAV+Tho+Nhi+Ky+TB2+dau+tren+san+bay+-Anadolu.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/UAV+Tho+Nhi+Ky+TB2+dau+tren+san+bay+-Anadolu.jpg
191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/UAV+Tho+Nhi+Ky+TB2+dau+tren+san+bay+-Anadolu.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
a06e7217aebfa1b5eb5192cdfa50ebd6200b8f8920f426b6e6cefa13af2f8a67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:18 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
196019
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 11 Aug 2022 23:17:29 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/UAV+Tho+Nhi+Ky+TB2+dau+tren+san+bay+-Anadolu.jpg
Date
Fri, 12 Aug 2022 00:47:18 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
tay_ban_nha.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-08/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/tay_ban_nha.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/tay_ban_nha.jpg
233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/tay_ban_nha.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
24e1357326ece12aba01dd718a9b7af4f14d6e259ff0ddc22c6af015e62cffe8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Thu, 11 Aug 2022 10:29:15 GMT
ETag
"62f4d9fb-3a4e4"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
true
X-Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1659337191
Content-Length
238820
X-XSS-Protection
1; mode=block
Expires
Thu, 18 Aug 2022 10:29:36 GMT

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/tay_ban_nha.jpg
Date
Fri, 12 Aug 2022 00:47:18 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
dien+thoai+thong+minh+Trung+Quoc+Xiaomi+o+An+Do+-afp.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-08/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/dien+thoai+thong+minh+Trung+Quoc+Xiaomi+o+An+Do+-afp.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/dien+thoai+thong+minh+Trung+Quoc+Xiaomi+o+An+Do+-afp.jpg
163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/dien+thoai+thong+minh+Trung+Quoc+Xiaomi+o+An+Do+-afp.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
c9fa2e4b61048c9e857afd3378a315c2504c3a8d069814fa0d4be83ffa196a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
166844
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Fri, 12 Aug 2022 00:15:30 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public, private
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/dien+thoai+thong+minh+Trung+Quoc+Xiaomi+o+An+Do+-afp.jpg
Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
han_quoc5.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-08/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/han_quoc5.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/han_quoc5.jpg
220 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/han_quoc5.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
b810929a6c76aaadf658d867b180fd8bc0063befe42d741585cf9434d15a28b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
224989
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 11 Aug 2022 04:33:09 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/han_quoc5.jpg
Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
Cover+China+Nato.jpg
media.vov.vn/sites/default/files/styles/front_large/public/2022-08/
Redirect Chain
  • https://vov.vn/sites/default/files/styles/front_large/public/2022-08/Cover+China+Nato.jpg
  • https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/Cover+China+Nato.jpg
205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/Cover+China+Nato.jpg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
53bb483556a32347d9608c848248b33abb64562623e11a9e25a31faa515e5889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:21 GMT
X-Content-Type-Options
nosniff
X-Cache
HIT1
Connection
keep-alive
X-Cache-Version
1659337191
Content-Length
209425
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Tue, 09 Aug 2022 23:29:11 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-language
vi
Access-Control-Allow-Origin
*
Cache-Control
public, private
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
image/jpeg

Redirect headers

Location
https://media.vov.vn/sites/default/files/styles/front_large/public/2022-08/Cover+China+Nato.jpg
Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
emagazine.png
media.vov.vn/themes/custom/vovvn/images/marker/
Redirect Chain
  • https://vov.vn/themes/custom/vovvn/images/marker/emagazine.png
  • https://media.vov.vn/themes/custom/vovvn/images/marker/emagazine.png
29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/marker/emagazine.png
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
6cda16e3ee56dbd7bcaa8378a128ff67a72fbb6ef90163c13cdbc29e5437fc7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:21 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-75fb"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
30203

Redirect headers

Location
https://media.vov.vn/themes/custom/vovvn/images/marker/emagazine.png
Date
Fri, 12 Aug 2022 00:47:20 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
logo-white.png
media.vov.vn/themes/custom/vovvn/images/logo/
Redirect Chain
  • https://vov.vn/themes/custom/vovvn/images/logo/logo-white.png
  • https://media.vov.vn/themes/custom/vovvn/images/logo/logo-white.png
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/logo/logo-white.png
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
857559b2cf5e594aca06f430ddc82544e6eebf369ec3691da5c9b567f19d4c5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:21 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-9c7"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
2503

Redirect headers

Location
https://media.vov.vn/themes/custom/vovvn/images/logo/logo-white.png
Date
Fri, 12 Aug 2022 00:47:21 GMT
X-Cache-HPC
BYPASS
Server
openresty/1.13.6.1
Connection
keep-alive
Content-Length
142
Content-Type
text/html
handle_cert
tinnhiemmang.vn/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tinnhiemmang.vn/handle_cert?id=vov.vn
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2c03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
16b4c4ae30c6809bf7f077dd66b809c0087d5776694150785f79ab9df83a7b5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21092
x-powered-by
PHP/7.4.27
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23342
x-served-by
tinnhiemmang.vn
last-modified
Thu, 11 Aug 2022 18:55:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GRx6vInN%2B2eIbu8rIDr1AQvfML7Av8MGo8FW2edQdLCd72JQJOGH6sQ5%2FxXUbcPikcsH%2FKA7ivW%2BH6knWAsNVD9BVvRXdAeodrIS8TpOrPE1w44YI4vixIyrPD%2Bpgd1LoeBITIFmQw1e1kbKaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
739532ea9c2c8dde-MIA
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2395132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13972
timing-allow-origin
*
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWiobGw%2F%2FkEW7JhbnkFbKLoBUZLkyuJuKpGd6RidyMojwP3um%2Fn0GUSsH7hNsHJIXvA0OfwCBNmnWm8iEREC%2Bo5ddIap%2FmKHhoVMRwO4YAK7wOE6pAJOsFX748C1nPJSpDpNsvBqXJIOpiEaoL6ft%2FQp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
739532e6bbcd8da6-MIA
expires
Wed, 02 Aug 2023 00:47:17 GMT
XkJ6ZRQd.js
cdn.jwplayer.com/libraries/ 		114 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/XkJ6ZRQd.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:1200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
71a8a267f7ce056d32a57f8193ea03090a5afecfee854d51d7e68621799baf5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:17 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
content-length
41141
via
1.1 9b6576d35a1a9eda48ee30caf8cac918.cloudfront.net (CloudFront)
x-amz-cf-id
AhMySElToyVaGLh2gbHp0xSph0SqX0OS22a0U1d0ZGjJydmGZMWCDw==
js_I8SF2WufOERUd05wBahr86VkigSQlxTm7jg6urfWFwY.js
media.vov.vn/sites/default/files/js/ 		747 KB
747 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.vov.vn/sites/default/files/js/js_I8SF2WufOERUd05wBahr86VkigSQlxTm7jg6urfWFwY.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
23c485d96b9f384454774e7005a86bf3a5648a04909714e6ee383abab7d61706

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:17 GMT
Last-Modified
Wed, 03 Aug 2022 17:11:29 GMT
ETag
"62eaac41-bac10"
X-Cache
HIT1
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, private
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
764944
embed.js
vov.vn/account/js/ 		34 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vov.vn/account/js/embed.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
openresty/1.13.6.1 /
Resource Hash
1442ced39052938f4c9efda468770d373f8a5a3c8827763c652a9cb40400b63a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:17 GMT
Last-Modified
Fri, 20 May 2022 16:29:59 GMT
Server
openresty/1.13.6.1
ETag
"88f2-5df74005f4fc0"
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Cache-control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35058
ba298f04.js
aj1559.online/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aj1559.online/ba298f04.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
37f7c4b38a64b435ed6905a19bcef83630ee35ed6d67ddbe95e9bb9c9f4b305f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
gzip
transfer-encoding
chunked
accept-ranges
bytes
etag
"0cf82d3be69744cb2ffb2c5728bdb79f2"
vary
Accept-Encoding
content-type
application/javascript
v1.js
api.trackpush.com/sdk/native/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.trackpush.com/sdk/native/v1.js?pid=WprvbyO8vzYWh95Vka8gZg&class=_2f1ed274c3
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.245.193.86 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b91ecf6675989f6762056cc0d43c1915f60b1a6307e1bfd9002c94a58350b152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
0
v3.js
api.trackpush.com/sdk/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.trackpush.com/sdk/v3.js?pid=rysvZCvZgU82xQ6MxFRNzQ%3D%3D&sw_uri=%2Fservice-worker.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.245.193.86 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
81953b50dce4d31c439aab8c6f427606b32720f3eedab411fbfd3b41b83ee507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158497/5589/ 		245 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158497/5589/pwt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4594/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-109-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9325b21c875d67182d7625737ff741790affa248b5544484f52e1a21726764c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 10:18:21 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=78632
accept-ranges
bytes
content-type
application/javascript
content-length
77234
expires
Fri, 12 Aug 2022 22:37:50 GMT
smart.js
ced.sascdn.com/tag/2060/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/2060/smart.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4594/ats.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.57 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-57.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
820522831608c41ff97616151a4ac52dbd5f39a46f3029c2f5fc2717a1ccc261

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32015
Expires
Fri, 12 Aug 2022 01:02:18 GMT
za.js
za.zdn.vn/v3/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://za.zdn.vn/v3/za.js?19216
Requested by
Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
120.138.69.5 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
ptr.vng.vn
Software
nginx /
Resource Hash
283c6e49992d2a00cc6e9eb88668b65be994b1c6e907dc561854869c21fa8251

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:19 GMT
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 09:12:24 GMT
server
nginx
age
36998
etag
W/"61dbf878-4f41"
content-type
application/javascript
access-control-allow-origin
*
content-length
7910
icon-facebook.png
media.vov.vn/themes/custom/vovvn/images/icon/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/icon/icon-facebook.png
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
550284aa93c332926cc637979a6d785cbe00162ee87e1b0fcd568db13a1bc645

Request headers

accept-language
en-US,en;q=0.9
Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-8f3"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
2291
icon-tiktok.png
media.vov.vn/themes/custom/vovvn/images/icon/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/icon/icon-tiktok.png
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
bb669283a522410a777163d44a8b606d7111144ad08496c7295234662b0ba30f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-1418"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
5144
icon-youtube.png
media.vov.vn/themes/custom/vovvn/images/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/icon/icon-youtube.png
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
926287d07b30027ab67c5f190cf0cafad7576f872cd3477428914a667c11e162

Request headers

accept-language
en-US,en;q=0.9
Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-80b"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
2059
icon-zalo.png
media.vov.vn/themes/custom/vovvn/images/icon/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/icon/icon-zalo.png
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
24450ce9779c59ea2b478c9d457988c98a3b21b9a6d3f09834d1dc053a9c025e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-d9a"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
3482
icon-lwplay.png
media.vov.vn/themes/custom/vovvn/images/icon/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/icon/icon-lwplay.png
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
11e452924943513493a66c2c1b0e5b164299c249107199b1892dae689c51b860

Request headers

accept-language
en-US,en;q=0.9
Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-c04"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
3076
icon-home.png
media.vov.vn/themes/custom/vovvn/images/icon/ 		944 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/icon/icon-home.png
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
6d4f4d25669afed7b3dd615c9bf3a8b09e88385b3f6603cfde489305129b5c2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-3b0"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
944
Material-Design-Iconic-Font.woff2
media.vov.vn/themes/custom/vovvn/fonts/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.vov.vn/themes/custom/vovvn/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/themes/custom/vovvn/css/material-design-iconic-font.min.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Request headers

Referer
https://media.vov.vn/themes/custom/vovvn/css/material-design-iconic-font.min.css?rgcxdi
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-95f0"
X-Cache
HIT
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
38384
icon-navigation.png
media.vov.vn/themes/custom/vovvn/images/icon/ 		280 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/icon/icon-navigation.png
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
e739ec6ff84119fd2ff9afecbc11d963b9d742b2f49d5b7bb92172a21baf68ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-118"
X-Cache
HIT1
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
280
zalo-blue.png
media.vov.vn/themes/custom/vovvn/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.vov.vn/themes/custom/vovvn/images/zalo-blue.png
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
a6832120b19605e15e913ddd291b579a8cbd204f719f368027bb9455457900a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-3a7e"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
14974
SVN-Gilroy-Bold.otf
media.vov.vn/themes/custom/vovvn/fonts/ 		100 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.vov.vn/themes/custom/vovvn/fonts/SVN-Gilroy-Bold.otf
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
e8d146923563b38c695608590a6aea421e1a1f570001e894a1fd672dc2a50761

Request headers

Referer
https://media.vov.vn/sites/default/files/css/css_uf-GA50SxrVWO0nFQxzjQWVqdjjWtmG26hxZkg-v_DQ.css?rgcxdi
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:18 GMT
Last-Modified
Mon, 13 Jun 2022 15:22:30 GMT
ETag
"62a75636-18ed8"
X-Cache
HIT1
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, private
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
102104
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v30/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d0b66b37ca3971d9a388ec2d67f60ded0e6672eb87934927ea4a5c03c512129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:34:58 GMT
x-content-type-options
nosniff
age
231140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:55:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 08:34:58 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZVsf6hPvhPUWH.woff2
fonts.gstatic.com/s/merriweather/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6hPvhPUWH.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b6da44a698ee6beff0605081def139725a34763c80763ac748282bdda94ecae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Tue, 09 Aug 2022 04:01:41 GMT
x-content-type-options
nosniff
age
247537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11884
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:55:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 04:01:41 GMT
u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v30/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75a101a7c3214c232948e4251501543cb799110b868d79c0d5e820add0de292d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 08 Aug 2022 22:54:37 GMT
x-content-type-options
nosniff
age
265961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12832
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 22:54:37 GMT
sdk.js
connect.facebook.net/en_US/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=638c4a7f2986130b5ad53705fa6a968d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e839d8725520ca74b4e05179702b040d28dc2f7922e899c3d37cbafbf2e7e345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://vov.vn/
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Vt6uR4QgIzJdiJ+lIpXhQQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86387
x-fb-rlafr
0
x-fb-debug
PiTBmblvUL2eD79njxmtoAG7lseSE2e7wkB1gLjCQW4EAtzI2tQ2Hwu3J6LsJFD/cim2QtNDwG0R2A7k3uIOig==
x-fb-trip-id
1512268381
x-fb-content-md5
8b5d63f71cb82c1f72eeb7ee5a124d7e
x-frame-options
DENY
date
Fri, 12 Aug 2022 00:47:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"df4f87c2da4388e87856148eae39d88d"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 11 Aug 2023 22:23:02 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-309591-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6297
date
Thu, 11 Aug 2022 23:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Aug 2022 01:02:21 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-172506091-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-309591-8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe971367304435d4ec562924c649882f0c9a93211a5811863fb85e92b2e81090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41937
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Aug 2022 00:47:18 GMT
js
www.googletagmanager.com/gtag/ 		199 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQWXBHQSVE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-309591-8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66f197b9ed598c58a68c1a7fbcba1ef703506a90f96699a9971cb3e51108d90a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72478
x-xss-protection
0
expires
Fri, 12 Aug 2022 00:47:18 GMT
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R0R7MNMHTC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-309591-8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c79eacf289f2ab7d458b1a59e030358876c99b7c759c55581b68e6d0d6b36ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72943
x-xss-protection
0
expires
Fri, 12 Aug 2022 00:47:18 GMT
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9VC6FCZGVJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-309591-8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa5df7bd56c1820436f0871bccc1dd8c5bf4250d46ff5e6f2ee901d5f32d21d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72994
x-xss-protection
0
expires
Fri, 12 Aug 2022 00:47:18 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZV8f6hPvhPUWH.woff2
fonts.gstatic.com/s/merriweather/v30/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6hPvhPUWH.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05aed07cc2a3c9ebe2bf2634c7524a0bca04f6a254d5430e51a3e95b8e34ad82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 08 Aug 2022 23:28:53 GMT
x-content-type-options
nosniff
age
263905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4456
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:55:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 23:28:53 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2231789990407982&ev=fb_page_view&dl=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&rl=&if=false&ts=1660265238324&sw=1600&sh=1200&at=
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 12 Aug 2022 00:47:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4594/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
f1355f4915842bc311d2823acfefeb10677d43af3e20c1af3fec642ce01bf988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28673
x-xss-protection
0
server
sffe
etag
"1301 / 13 of 1000 / last-modified: 1660255544"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Aug 2022 00:47:19 GMT
prebid_2022_8_8_5_44_7.js
anymind360.com/js/4594/ 		213 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/4594/prebid_2022_8_8_5_44_7.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4594/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c54704428b53bafd4cbb2402ac71762c255069a0128f0c0ce06907a5979ad34b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
gzip
age
95248
x-guploader-uploadid
ADPycdv5jBg7uenU-bAfwyRKeYeU3HnUz_Fr6k5j7TrOIq6oe4O4hEZCgyX1b-ma9Wgl5W-AgBcNTGARL6d4nkZfJsmtwQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
65221
x-served-by
cache-tyo11943-TYO, cache-mia11377-MIA
access-control-allow-origin
*
expires
Tue, 09 Aug 2022 22:16:09 GMT
last-modified
Mon, 08 Aug 2022 05:44:23 GMT
server
UploadServer
x-timer
S1660265238.359631,VS0,VE3
etag
"0ffbfe743d01ea8242def83615408c6b"
vary
Accept-Encoding
x-goog-hash
crc32c=TFlxtA==, md5=D/v+dD0B6oJC3vg2FUCMaw==
x-goog-generation
1659937463828568
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
65221
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-cache-hits
1, 1
collect
analytics.google.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R0R7MNMHTC&gtm=2oe880&_p=1768630388&_gaz=1&cid=1875797282.1660265238&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660265238&sct=1&seg=0&dl=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&dt=Azerbaijan%20-%20t%C3%A2m%20%C4%91i%E1%BB%83m%20chi%E1%BA%BFn%20l%C6%B0%E1%BB%A3c%20d%E1%BA%A7u%20kh%C3%AD%20c%E1%BB%A7a%20M%E1%BB%B9%20trong%20b%E1%BB%91i%20c%E1%BA%A3nh%20xung%20%C4%91%E1%BB%99t%20Ukraine&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R0R7MNMHTC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R0R7MNMHTC&cid=1875797282.1660265238&gtm=2oe880&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R0R7MNMHTC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-9VC6FCZGVJ&gtm=2oe880&_p=1768630388&_gaz=1&cid=1875797282.1660265238&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660265238&sct=1&seg=0&dl=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&dt=Azerbaijan%20-%20t%C3%A2m%20%C4%91i%E1%BB%83m%20chi%E1%BA%BFn%20l%C6%B0%E1%BB%A3c%20d%E1%BA%A7u%20kh%C3%AD%20c%E1%BB%A7a%20M%E1%BB%B9%20trong%20b%E1%BB%91i%20c%E1%BA%A3nh%20xung%20%C4%91%E1%BB%99t%20Ukraine&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9VC6FCZGVJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9VC6FCZGVJ&cid=1875797282.1660265238&gtm=2oe880&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9VC6FCZGVJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VQWXBHQSVE&gtm=2oe880&_p=1768630388&_gaz=1&cid=1875797282.1660265238&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660265238&sct=1&seg=0&dl=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&dt=Azerbaijan%20-%20t%C3%A2m%20%C4%91i%E1%BB%83m%20chi%E1%BA%BFn%20l%C6%B0%E1%BB%A3c%20d%E1%BA%A7u%20kh%C3%AD%20c%E1%BB%A7a%20M%E1%BB%B9%20trong%20b%E1%BB%91i%20c%E1%BA%A3nh%20xung%20%C4%91%E1%BB%99t%20Ukraine&en=page_view&_fv=2&_ss=2&_c=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VQWXBHQSVE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VQWXBHQSVE&cid=1875797282.1660265238&gtm=2oe880&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VQWXBHQSVE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/4594/prebid_2022_8_8_5_44_7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b86397e087dba0f354e4279d8e957549335a8384cbb11e9381128f23ae40cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35178
x-jsd-version
1.0.1429
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19147-FRA, cache-itm18840-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-zNzrEEpPj8suNjLEFeVGTjHpk8w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf2zt6e1lXx6z72mHYJklWOPDW%2BJfpJ68mZpZI%2FKFytf9yuW0BoJ8iSndDtyHU%2FKXG8u6Qjo581x%2B3kNcm4pBgaJt%2B0An7FMwSFhUQiRR2lpV026NORpUWvBPvg%2BZBjN4kKCVlxB4MQ7ywM8wUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
739532ee8b728d9c-MIA
access-control-expose-headers
*
get-user-info
vov.vn/account/ 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vov.vn/account/get-user-info?lang=vi
Requested by
Host: vov.vn
URL: https://vov.vn/account/js/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
openresty/1.13.6.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:19 GMT
Server
openresty/1.13.6.1
Vary
Origin
Content-Type
application/json
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
2
expires
-1
create-comment
vov.vn/account/ 		657 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vov.vn/account/create-comment?nid=958448&lang=vi
Requested by
Host: vov.vn
URL: https://vov.vn/account/js/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
openresty/1.13.6.1 /
Resource Hash
84aa56ff2645306720cc9a2b9fb7fede3f41d9adba7dd20dd638f56895ddb540

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:19 GMT
Content-Encoding
gzip
Server
openresty/1.13.6.1
Vary
Origin
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
expires
-1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1768630388&t=pageview&_s=1&dl=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&ul=en-us&de=UTF-8&dt=Azerbaijan%20-%20t%C3%A2m%20%C4%91i%E1%BB%83m%20chi%E1%BA%BFn%20l%C6%B0%E1%BB%A3c%20d%E1%BA%A7u%20kh%C3%AD%20c%E1%BB%A7a%20M%E1%BB%B9%20trong%20b%E1%BB%91i%20c%E1%BA%A3nh%20xung%20%C4%91%E1%BB%99t%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=625974120&gjid=685963483&cid=1875797282.1660265238&tid=UA-309591-8&_gid=1858486193.1660265239&_r=1&gtm=2ou880&z=225919120
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1768630388&t=pageview&_s=1&dl=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&ul=en-us&de=UTF-8&dt=Azerbaijan%20-%20t%C3%A2m%20%C4%91i%E1%BB%83m%20chi%E1%BA%BFn%20l%C6%B0%E1%BB%A3c%20d%E1%BA%A7u%20kh%C3%AD%20c%E1%BB%A7a%20M%E1%BB%B9%20trong%20b%E1%BB%91i%20c%E1%BA%A3nh%20xung%20%C4%91%E1%BB%99t%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=880007587&gjid=400091128&cid=1875797282.1660265238&tid=UA-172506091-1&_gid=1858486193.1660265239&_r=1&gtm=2ou880&z=347533812
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
zAvzWRXz-FG5SMNh1LycqYnT-cTWNso4MsAMG4bdANuRvFAZh-wiQ3gf1ql46WKq2fwI7zmPiBgy79YMW8FMrlC8euj5BaxT6AWcgna-QMZ00Vul8-s3UEn90rGgbcahExBXwaJtWx5s2TRngLj0SYCcuEiU9g3kWccEZsR2rq5OK2F0vLjKgDREY_GkPwh3qepPu...
aj1559.online/ 		849 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aj1559.online/zAvzWRXz-FG5SMNh1LycqYnT-cTWNso4MsAMG4bdANuRvFAZh-wiQ3gf1ql46WKq2fwI7zmPiBgy79YMW8FMrlC8euj5BaxT6AWcgna-QMZ00Vul8-s3UEn90rGgbcahExBXwaJtWx5s2TRngLj0SYCcuEiU9g3kWccEZsR2rq5OK2F0vLjKgDREY_GkPwh3qepPu-fseJJ6PxvdMdEdjw_d5S_8BjnX1wwfj-DvbxeIvHLP2vKIJyl7AjsyMUWnTJ6k9qUghdlnkhxkglMtOnaCgD3eq86XtrphGNiUK-79-2ki7H8uFv3L1M739fiZBRWWjz0U5JG1T7wi6tKMt9yUDbrtHAPn6lnSu8RlMemomqg7c3N0P8FSrj4LMhVJQZACMZSuyu2TmFgkFxshFUVfH67NwLZMm5-fIPWJ_YuM3xenzRzBeCCkEB19GLa_IBWFLktn-PIBrVROkWtu_as43xi7EOcZz1Wq90GnTVC7xffryiBJ6017wPuXs7w22pJIHhy-KmVDlqxN-fvRr_MSmpimr4jPqp2gAoKpbyXSLihI-JuwVRHEQTGf3?
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
d18cd5692009f8d58f89cefb2da7514c0de42cf5656f09ac3231a45b5b3759da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:17 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
849
expires
0
share_inline
button-share.zalo.me/ Frame DDAE 		525 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://button-share.zalo.me/share_inline?id=7a7ff4de-a3a8-4b39-acb4-7c2f91655d21&layout=3&color=white&customize=true&width=0px&height=0px&isDesktop=false&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&d=eyJ1cmwiOiJodHRwczovL3Zvdi52bi90aGUtZ2lvaS9oby1zby9hemVyYmFpamFuLXRhbS1kaWVtLWNoaWVuLWx1b2MtZGF1LWtoaS1jdWEtbXktdHJvbmctYm9pLWNhbmgteHVuZy1kb3QtdWtyYWluZS1wb3N0OTU4NDQ4LnZvdiJ9&shareType=0
Requested by
Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
a5a91afde6166339312821dabbb9d5825870be980b77446affe71ef1658d80f2
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
363
date
Fri, 12 Aug 2022 00:47:19 GMT
server
za-ngx-srv
strict-transport-security
max-age=86400
vary
Accept-Encoding, User-Agent
102.json
id5-sync.com/g/v2/ 		453 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
3465c0ab339a6c551fe0d3a648e91e3afacbeff5d0ab12502975b678d8fce951
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 00:47:18 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://vov.vn
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
call
adnetwork.adasiaholdings.com/2060/
Redirect Chain
  • https://adnetwork.adasiaholdings.com/2060/call
  • https://adnetwork.adasiaholdings.com/2060/call?cklb=1
686 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adnetwork.adasiaholdings.com/2060/call?cklb=1
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
23.106.127.48 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
08160b2fae845f7711922ce4d5b650749d42d3ae2ee6293aebddaffd073026eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://vov.vn
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:20 GMT
access-control-allow-origin
https://vov.vn
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://adnetwork.adasiaholdings.com/2060/call?cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
call
adnetwork.adasiaholdings.com/2060/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adnetwork.adasiaholdings.com/2060/call
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.48 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://vov.vn
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://vov.vn
date
Fri, 12 Aug 2022 00:47:19 GMT
vary
Origin
a5b3716d-8a77-45b4-9a65-669e5a69a8e8.min.js
cmp.optad360.io/items/ 		497 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/a5b3716d-8a77-45b4-9a65-669e5a69a8e8.min.js
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:5e00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:05:02 GMT
via
1.1 360031d112e5d98f967632ba717f6cfe.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
2540
etag
"7acdc116a0830ba0aef5e087010246ba"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
content-length
497
x-amz-cf-id
sug9HKhN9xJfiZpJ3KwI-3djf2EWc669bve24rrf29BKFWanUsAwjQ==
zJ56Igv-QbLk1sWpnYL02fGRlX3IS3d1TnAPsKgPlVqsVkbAzRjBUakQibaB_5_owe6OtKZE-WpsG7FeD4CxCj9szVtuzmkDD0JjCTthGrwA2Xz-gezrjk-2LbrjJkSk8J82TbpOXTq_NMbE4TZdEYqhGvL8eRtP6tux8AWWovnZenhyXog2zqE_w_0DtuAz0WzNy...
aj1559.online/ 		43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aj1559.online/zJ56Igv-QbLk1sWpnYL02fGRlX3IS3d1TnAPsKgPlVqsVkbAzRjBUakQibaB_5_owe6OtKZE-WpsG7FeD4CxCj9szVtuzmkDD0JjCTthGrwA2Xz-gezrjk-2LbrjJkSk8J82TbpOXTq_NMbE4TZdEYqhGvL8eRtP6tux8AWWovnZenhyXog2zqE_w_0DtuAz0WzNyH8VmdgMywm5HK9WupFjUfEEg_6FMp9YRFdjSWdP6sX01Cb3Z7TNKyKAav7x--Ue65JQGwYY4qsSREdUF_rjzxji7sennK7b-zLifdQyVOc2X4u72d_b2AO9XJQhrYC6_z8Fq7HaDXTc4fGdgwu-QlndPYClyYgmPyaRjM_eZvTIFg854fuES4lkc19DullYYAzXfzog0DCo9yIE?DC=DO
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.8 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:18 GMT
last-modified
Tue, 07 Jun 2022 09:16:38 GMT
etag
W/"43-1654593398000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-309591-8&cid=1875797282.1660265238&jid=625974120&gjid=685963483&_gid=1858486193.1660265239&_u=YADAAUAAAAAAAC~&z=977187695
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 12 Aug 2022 00:47:19 GMT
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-172506091-1&cid=1875797282.1660265238&jid=880007587&gjid=400091128&_gid=1858486193.1660265239&_u=YADAAUABAAAAAC~&z=969622068
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 12 Aug 2022 00:47:19 GMT
content-type
text/plain
access-control-allow-origin
https://vov.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
browsing
user.trackpush.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://user.trackpush.com/browsing?pid=WprvbyO8vzYWh95Vka8gZg&_ref=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&uid=62f5a3173ea0c1dbf86f9140
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.245.193.86 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vov.vn
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://vov.vn
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection
keep-alive
Date
Fri, 12 Aug 2022 00:47:20 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
browsing
user.trackpush.com/ 		24 B
754 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://user.trackpush.com/browsing?pid=WprvbyO8vzYWh95Vka8gZg&_ref=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&uid=62f5a3173ea0c1dbf86f9140
Requested by
Host: api.trackpush.com
URL: https://api.trackpush.com/sdk/native/v1.js?pid=WprvbyO8vzYWh95Vka8gZg&class=_2f1ed274c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.245.193.86 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
55961159113ecea7dead45a069f3facb65718142777c24f7116aab659e0605a1

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Date
Fri, 12 Aug 2022 00:47:21 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
Access-Control-Allow-Origin
https://vov.vn
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
like.php
www.facebook.com/v3.3/plugins/ Frame 85D8 		49 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=2231789990407982&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e5a4e7aa9fc64%26domain%3Dvov.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvov.vn%252Ff177c29a8c9db2c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=638c4a7f2986130b5ad53705fa6a968d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef7369e4105cceda70b7262fffe694f592bc0362a42f051a0f4482971ca7aa05
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 12 Aug 2022 00:47:19 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v8.0
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
d1u3h/Df8/inzN+m4UqwxfgFZdquEjb/MCw8Ww6aF41dv5tfkXr731wrjeTod3wDKReKv7CxPm3IKyxSrka+0w==
x-fb-rlafr
0
x-xss-protection
0
like.php
www.facebook.com/v3.3/plugins/ Frame 66B9 		35 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=2231789990407982&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dcea963c4a67c%26domain%3Dvov.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvov.vn%252Ff177c29a8c9db2c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbaodientuvov.vn%2F&layout=standard&locale=en_US&sdk=joey&share=false&size=large&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=638c4a7f2986130b5ad53705fa6a968d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00092b0d6e5aa54f1314d7898a272f74df9a427b8761d94c21d31578376422c0
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 12 Aug 2022 00:47:19 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v8.0
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
KD24M3ilT7UQbSmD1475Y+kWbJvLOzcvibK4vMqeWt05nczuG7l2XFJBta+rKl/gouEqE0SWeqvvgly6uGZxLg==
x-fb-rlafr
0
x-xss-protection
0
nid
countervov.emitech.vn/ 		0
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://countervov.emitech.vn/nid
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/js/js_I8SF2WufOERUd05wBahr86VkigSQlxTm7jg6urfWFwY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5492 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-headers
Content-Type
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ChdrHZKK4Rfdl2Mt1rjs3yEpmQ%2FgWkxEH2kP078%2FeJIVIYK4Sf%2BxQa3aymEWPDn4YWhKtzhgWqPXMTAeHqZ9ncJo8s1NBI2jhT3Eh4IOmVDjBR%2FWDs1QCvzWc9TGYMdTOlJ0ZMgXpSR0FA9m3wRhglG5gU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
739532f3eab56dd7-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pubads_impl_2022080801.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 18:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23358
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134395
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:39:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 11 Aug 2023 18:18:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		358 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vov.vn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
df1468ce14b6f2557957f89fb427bddcc2ad08399dbf49c990c40da80cbde6e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 00:47:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163
x-xss-protection
0
expires
Fri, 12 Aug 2022 00:47:19 GMT
login
vov.vn/account/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vov.vn/account/login?lang=vi
Requested by
Host: vov.vn
URL: https://vov.vn/account/js/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
openresty/1.13.6.1 /
Resource Hash
46bba724b52b1778093c656c4f694418208e69c34b2c8fe9f5202a509a725a9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:19 GMT
Content-Encoding
gzip
Server
openresty/1.13.6.1
Vary
Origin
Content-Type
text/html; charset=UTF-8
Cache-Control
private, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
expires
-1
fa-solid-900.woff2
media.vov.vn/libraries/fontawesome/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.vov.vn/libraries/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: media.vov.vn
URL: https://media.vov.vn/sites/default/files/css/css_9DOmHaMcYRY3IebXTrBAceuegLLCsI2K4mvpQTblA_g.css?rgcxdi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.169 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
/
Resource Hash
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer
https://media.vov.vn/sites/default/files/css/css_9DOmHaMcYRY3IebXTrBAceuegLLCsI2K4mvpQTblA_g.css?rgcxdi
Origin
https://vov.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
cache
Date
Fri, 12 Aug 2022 00:47:19 GMT
Last-Modified
Tue, 12 Feb 2019 16:25:06 GMT
ETag
"5c62f362-1226c"
X-Cache
HIT1
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
public, private
Connection
keep-alive
Accept-Ranges
bytes
X-Cache-Version
1657591149
Content-Length
74348
get-all-comment
vov.vn/account/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vov.vn/account/get-all-comment?nid=958448&lang=vi
Requested by
Host: vov.vn
URL: https://vov.vn/account/js/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
openresty/1.13.6.1 /
Resource Hash
45693020ac3f96be6edffd4956b0b6652ef6a9a8dbb1d15da533c0c6d3186934

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:19 GMT
Server
openresty/1.13.6.1
Vary
Origin
Content-Type
application/json
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
1328
expires
-1
plugin.min.js
get.optad360.io/sf/a887bb69-be73-4db7-854b-ce745af9d9ac/ 		273 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/a887bb69-be73-4db7-854b-ce745af9d9ac/plugin.min.js
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:fc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
665e3d3fe9cde96c776cab7c48dc512c106699fe910a29eacdb7b5427cd260cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:19 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 04:06:01 GMT
server
AmazonS3
age
595
etag
W/"140e6728f3108e72f655c1e4e0ad1299"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 784a91ee0539c02263f0e03f7760900c.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
zzVls24q85RiLIJqyfhHAwk3TmzTUUuGqR31WZNqYyntdT5m-zTrgA==
t
za.zalo.me/v3/w/ 		191 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://za.zalo.me/v3/w/t
Requested by
Host: za.zdn.vn
URL: https://za.zdn.vn/v3/za.js?19216
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.114.149 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
d6a89e323e0a3aca09f48cd49872100a2365c0cd17d0d6d84223006ea0f5d6c6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubdomains;

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
server
za-ngx-srv
strict-transport-security
max-age=86400; includeSubdomains;
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vov.vn
access-control-allow-credentials
true
content-length
191
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ps.eyeota.net/match/bounce/
Redirect Chain
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*i7O0jseDUoXwLn6FuoBC9iWpdMIhKEIVY9U4iS4MzH0edyFF4_D7l6R1ypArQMRJ&o=api&gdpr_consent=undefined&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOFnirRCHVh0Rre7s39FKNA_DTu9SyLsFI__c1vA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/7/2.gif?puid=6887161019344777123&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/6/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F102%2F2%2F6%2F3.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/2/6/3.gif?puid=7186466054594036066&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOFnirRCHVh0Rre7s39FKNA_DTu9SyLsFI__c1vA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/102/3/5/4.gif?puid=b31562f5-a319-4300-b731-d61b689c0963&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&ttl=%%TTL%%
  • https://match.prod.bidr.io/cookie-sync/id5
  • https://match.prod.bidr.io/cookie-sync/id5?_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAARd07F60YAAA99VNYjCQ
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/102/10/2/7.gif?puid=4031305998091369521&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F1%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/104/1/8.gif?puid=&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
0
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=vov.vn
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 00:47:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		116 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1502070190005198&correlator=3943800040466218&eid=31068854%2C31067706&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&iu_parts=21622890900%3A22543502125%2CVN_vov.vn_mb_GAM_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2555223929&sfv=1-0-38&ists=1&fas=8&fsapi=false&cust_params=url%3D%252Fthe-gioi%252Fho-so%252Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1660265239665&lmt=1660265239&dlt=1660265230191&idt=9402&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1875797282.1660265238&ga_sid=1660265240&ga_hid=1768630388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
b4398549a2b3ba87bd611171bf5e40d327e30171d2b5f6a6c9e837c5b720ab32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43968
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vov.vn
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		72 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1502070190005198&correlator=3943800040466218&eid=31068854%2C31067706&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&iu_parts=21622890900%3A22543502125%2CVN_vov.vn_res_article_bottom2_728x90%2Cfluid%2CVN_vov.vn_res_article_mid3_728x90%2C300x250%2C336x280%2CVN_vov.vn_res_article_mid1_728x90&enc_prev_ius=%2F0%2F1%2F%2F2%2C%2F0%2F3%2F%2F4%2F%2F5%2C%2F0%2F6%2F%2F4%2F%2F5&prev_iu_szs=300x250%7C336x280%7C728x90%2C300x250%7C336x280%2C300x250%7C336x280%7C728x90&ifi=2&adks=1636794081%2C499686001%2C501369661&sfv=1-0-38&fsapi=false&cust_params=url%3D%252Fthe-gioi%252Fho-so%252Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1660265239677&lmt=1660265239&dlt=1660265230191&idt=9402&adxs=215%2C-12245933%2C215&adys=4490%2C-12245933%2C637&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&frm=20&vis=1&psz=846x0%7C0x0%7C846x22&msz=846x0%7C0x0%7C846x0&fws=0%2C128%2C0&ohw=0%2C0%2C0&ga_vid=1875797282.1660265238&ga_sid=1660265240&ga_hid=1768630388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
92bea222b7e18eecff86fa6b6f5a40dc17a12fcae38f7c5a86689d7d468d6f57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
212292
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20327
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
314457
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vov.vn
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1502070190005198&correlator=3943800040466218&eid=31068854%2C31067706&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&iu_parts=21622890900%3A22543502125%2CVN_vov.vn_res_article_right1_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&adks=3241084542&sfv=1-0-38&fsapi=false&cust_params=url%3D%252Fthe-gioi%252Fho-so%252Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1660265239693&lmt=1660265239&dlt=1660265230191&idt=9402&adxs=1085&adys=731&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1875797282.1660265238&ga_sid=1660265240&ga_hid=1768630388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
4df10b7d1db5df596b1c43fca336d7ec9d0c112dd8969d009ca13bb51437c7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9260
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vov.vn
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1502070190005198&correlator=3943800040466218&eid=31068854%2C31067706&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fifs&iu_parts=21622890900%3A22543502125%2CVN_vov.vn_mb_article_top_320x180%2C320x100&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=320x100%7C320x180&ifi=6&adks=1516792440&sfv=1-0-38&fsapi=false&cust_params=url%3D%252Fthe-gioi%252Fho-so%252Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1660265239699&lmt=1660265239&dlt=1660265230191&idt=9402&adxs=640&adys=169&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1875797282.1660265238&ga_sid=1660265240&ga_hid=1768630388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
6eb8c2bf3d0803d246756052088bc696d9d6fbdbec48f3f90491b14b076aa137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11081
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://vov.vn
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 31DF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:19 GMT
expires
Sat, 12 Aug 2023 00:47:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022080801.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
sffe /
Resource Hash
cb5c1aa8b589dae32427518d4aeaf1d90aade457d593ad54e2ad7560d67e01a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 08 Aug 2022 10:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13586
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:39:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 08 Aug 2023 10:41:35 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 85D8 		299 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=2231789990407982&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e5a4e7aa9fc64%26domain%3Dvov.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvov.vn%252Ff177c29a8c9db2c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
AJ8a+RROS1q19ljD4akM2tbKIrqQjeQp6GyYxXNJke2Em89xmRWBpFP/3iJ5i9NAO/hPBXXMnOrlbLvAV8gh2w==
x-fb-trip-id
1512268381
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 02 Aug 2023 14:23:58 GMT
main.464a90c9d9505b964443708f3239f885.css
button-share.zalo.me/ Frame DDAE 		31 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://button-share.zalo.me/main.464a90c9d9505b964443708f3239f885.css
Requested by
Host: button-share.zalo.me
URL: https://button-share.zalo.me/share_inline?id=7a7ff4de-a3a8-4b39-acb4-7c2f91655d21&layout=3&color=white&customize=true&width=0px&height=0px&isDesktop=false&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&d=eyJ1cmwiOiJodHRwczovL3Zvdi52bi90aGUtZ2lvaS9oby1zby9hemVyYmFpamFuLXRhbS1kaWVtLWNoaWVuLWx1b2MtZGF1LWtoaS1jdWEtbXktdHJvbmctYm9pLWNhbmgteHVuZy1kb3QtdWtyYWluZS1wb3N0OTU4NDQ4LnZvdiJ9&shareType=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
2cc1708731e55999264676de244e2fa3e46ff00878ddda5a3851d3d27eefb836
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://button-share.zalo.me/share_inline?id=7a7ff4de-a3a8-4b39-acb4-7c2f91655d21&layout=3&color=white&customize=true&width=0px&height=0px&isDesktop=false&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&d=eyJ1cmwiOiJodHRwczovL3Zvdi52bi90aGUtZ2lvaS9oby1zby9hemVyYmFpamFuLXRhbS1kaWVtLWNoaWVuLWx1b2MtZGF1LWtoaS1jdWEtbXktdHJvbmctYm9pLWNhbmgteHVuZy1kb3QtdWtyYWluZS1wb3N0OTU4NDQ4LnZvdiJ9&shareType=0
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:19 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 07:50:50 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
text/css
strict-transport-security
max-age=86400
accept-ranges
bytes
content-length
5402
main.js
button-share.zalo.me/ Frame DDAE 		350 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://button-share.zalo.me/main.js
Requested by
Host: button-share.zalo.me
URL: https://button-share.zalo.me/share_inline?id=7a7ff4de-a3a8-4b39-acb4-7c2f91655d21&layout=3&color=white&customize=true&width=0px&height=0px&isDesktop=false&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&d=eyJ1cmwiOiJodHRwczovL3Zvdi52bi90aGUtZ2lvaS9oby1zby9hemVyYmFpamFuLXRhbS1kaWVtLWNoaWVuLWx1b2MtZGF1LWtoaS1jdWEtbXktdHJvbmctYm9pLWNhbmgteHVuZy1kb3QtdWtyYWluZS1wb3N0OTU4NDQ4LnZvdiJ9&shareType=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
f485263be3c0193e98a7928c3845b392b3e24c4a7e7fbad51367ed81f8519701
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://button-share.zalo.me/share_inline?id=7a7ff4de-a3a8-4b39-acb4-7c2f91655d21&layout=3&color=white&customize=true&width=0px&height=0px&isDesktop=false&url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&d=eyJ1cmwiOiJodHRwczovL3Zvdi52bi90aGUtZ2lvaS9oby1zby9hemVyYmFpamFuLXRhbS1kaWVtLWNoaWVuLWx1b2MtZGF1LWtoaS1jdWEtbXktdHJvbmctYm9pLWNhbmgteHVuZy1kb3QtdWtyYWluZS1wb3N0OTU4NDQ4LnZvdiJ9&shareType=0
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:19 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 07:50:50 GMT
server
za-ngx-srv
vary
Accept-Encoding, User-Agent
content-type
application/javascript
strict-transport-security
max-age=86400
accept-ranges
bytes
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 66B9 		299 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=2231789990407982&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dcea963c4a67c%26domain%3Dvov.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvov.vn%252Ff177c29a8c9db2c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbaodientuvov.vn%2F&layout=standard&locale=en_US&sdk=joey&share=false&size=large&width=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
AJ8a+RROS1q19ljD4akM2tbKIrqQjeQp6GyYxXNJke2Em89xmRWBpFP/3iJ5i9NAO/hPBXXMnOrlbLvAV8gh2w==
x-fb-trip-id
1512268381
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 02 Aug 2023 14:23:58 GMT
ZTXt2HMksce.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/ Frame 85D8 		535 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/ZTXt2HMksce.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=2231789990407982&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e5a4e7aa9fc64%26domain%3Dvov.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvov.vn%252Ff177c29a8c9db2c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79697badd9b84fcaf6ec314aebb5938b0075ed583d540b3f1d25b834bccbfedd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
r6bA26epJlMbViiUebejPw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
142418
x-fb-rlafr
0
x-fb-debug
G371s08QnTxUozRbz1cZlHJXWU22w8TF9MQ3yLe952TPV5lPyNl6ty3G8iDubSysytzAIvxH8+JOJCdzjcfsoA==
x-fb-trip-id
1512268381
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 10 Aug 2023 21:21:13 GMT
ZTXt2HMksce.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/ Frame 66B9 		535 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y8/l/en_US/ZTXt2HMksce.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=2231789990407982&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2dcea963c4a67c%26domain%3Dvov.vn%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvov.vn%252Ff177c29a8c9db2c%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fbaodientuvov.vn%2F&layout=standard&locale=en_US&sdk=joey&share=false&size=large&width=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79697badd9b84fcaf6ec314aebb5938b0075ed583d540b3f1d25b834bccbfedd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
r6bA26epJlMbViiUebejPw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
142418
x-fb-rlafr
0
x-fb-debug
G371s08QnTxUozRbz1cZlHJXWU22w8TF9MQ3yLe952TPV5lPyNl6ty3G8iDubSysytzAIvxH8+JOJCdzjcfsoA==
x-fb-trip-id
1512268381
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 10 Aug 2023 21:21:13 GMT
get-by-pid
vov.vn/account/ 		26 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vov.vn/account/get-by-pid?pid=3843&lang=vi
Requested by
Host: vov.vn
URL: https://vov.vn/account/js/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.164.27.165 , Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
static.vnpt.vn
Software
openresty/1.13.6.1 /
Resource Hash
d849288221174ddb470c576ae3d6fe17fbe7ce0e0616b605a5e07308338b404e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:20 GMT
Server
openresty/1.13.6.1
Vary
Origin
Content-Type
application/json
Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Length
26
expires
-1
/
ui-avatars.com/api/ 		559 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ui-avatars.com/api/?length=1&name=Kenny%20Ng
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefaa14879f5fd613d2d80e13f058bb803e2749d6e25543648e0d9a14243fc45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, GET, OPTIONS
pragma
public
last-modified
Fri, 12 Aug 2022 00:40:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
31536000, 31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEwmR6EsVmYYYC6s5QtBjPRav1%2BxamZG6EjXn%2BzJ8Xi4HwRtL6aJzan3iySm3Wbrd0RMRS1%2B2qu5vlLQEtP2y8XtCvnKuNMlh9Y5JRV1cRRlS55vsZwpJ4JFZTAtnGt%2FR8aJ%2Bc1CNt5Znf3c"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*, *
cache-control
public, max-age=31536000
access-control-allow-credentials
true, true
cf-ray
739532f5a88b0a2a-MIA
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me, cache-control, Content-Type, Accept, X-Requested-With, remember-me, cache-control
expires
Sat, 12 Aug 2023 00:40:43 GMT
prebid6.23.1.js
get.optad360.io/sf/ 		495 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid6.23.1.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/a887bb69-be73-4db7-854b-ce745af9d9ac/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:202c:fc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd02260c5d4f77750ced52c982c33eb066d8d0d8e25eeee50ee5953e7a41f098

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Tue, 17 May 2022 12:15:03 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 12:45:38 GMT
server
AmazonS3
age
7475537
etag
W/"44ba356b06aa5e627ab06abf80f24b6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 784a91ee0539c02263f0e03f7760900c.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
_095ubtPpbKZbaJ5TxWTtc0B8ysyybfMkKHDiZPRBCgDgdVnGgCiAA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220812
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b86397e087dba0f354e4279d8e957549335a8384cbb11e9381128f23ae40cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35180
x-jsd-version
1.0.1429
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19122-FRA, cache-iad-kiad7000044-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-zNzrEEpPj8suNjLEFeVGTjHpk8w"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFoX%2BPr5I5ABOyHZ%2FNQg3L7lalNOaVZDSGsHNcnVicJ22Ozboq%2FBomdXHKThlMvkPq067hyCcxmAdxB8l0YL5ykdxTtsm0o9F63lSwTLzfrUVMIrO9ldszyvEy1UMor5eB96ISkEgeo5QgH%2FJKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
739532f7c8822227-MIA
access-control-expose-headers
*
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 13 Jul 2022 17:16:25 GMT
content-encoding
gzip
age
2532655
x-guploader-uploadid
ADPycdtMg1tTK9-tC-xM2v_1zaEo66lsslrhNttP5r2rwYgmvsVsdPgETZFvPyFKUZdeVH5YIqyXuA6vQiqyYiGXKYo72D-CV7Ky
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 13 Jul 2023 17:16:25 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c9bfbc2b802937d34983a32a97f9703769f7dc7a9ffebbe99e186aeb5141add1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:24 GMT
server
nginx
etag
W/"62e91dcc-9dbd"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 13 Aug 2022 00:47:20 GMT
pubcid.min.js
id.sharedid.org/lib/ 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.17.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-17-135.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
cache-control
public, max-age=86400
last-modified
Thu, 11 Aug 2022 21:41:29 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
cdn.id5-sync.com/api/1.0/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf019a1e03162a3ab267c3dc07d7eb9b1ddb76ce703755c49a7ca9edbd1d87db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2751
x-amz-server-side-encryption
AES256
x-amz-request-id
58FBWW2YH85HWBDK
x-amz-id-2
MKtKIng9l/AuW2BvGVNMcy9KgLa6BFgZZir8ZRTpaQIkXHri1vtpTsS0QY7QSBRsUaQQoAC9ha0=
last-modified
Wed, 27 Jul 2022 15:06:46 GMT
server
cloudflare
etag
W/"ce8697e279fcae53e3ebebe92f9e8909"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
739532f9bbc06dcb-MIA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		29 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-36.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 11 Aug 2022 16:54:04 GMT
via
1.1 ac664c0310f2b9554aba4708107d094c.cloudfront.net (CloudFront)
last-modified
Tue, 19 Jul 2022 18:12:40 GMT
server
AmazonS3
age
28397
etag
"2fa1275c04d6208db458c1ec8559f92d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
content-length
29590
x-amz-cf-id
hhoIPenVwMqaj-TXemTZo6HQ8w4kb7g4ZiegsGPgauM4fOpeS1440w==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.225.2.19 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-225-2-19.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
container.html
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F37B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Sat, 12 Aug 2023 00:47:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&rid=esp&cc=1
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
4558c6668f5488d3c9ed65d6251adb5fe395013ac380b6dc9b1aea464f196e3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
via
1.1 google
etag
W/"55-q21evkayJ0MYCbyxBt2F/Gtpqmw"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vov.vn
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 12 Aug 2022 00:47:20 GMT
via
1.1 google
access-control-allow-origin
https://vov.vn
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fvov.vn%2Fthe-gioi%2Fho-so%2Fazerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
container.html
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D14A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Sat, 12 Aug 2023 00:47:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame F37B 		2 KB
574 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09f6c540cd8cf2cf4369dd646e360e739c249381dac861f09a969666e4e5521e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 23:08:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 00:47:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 00:47:20 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 93FD 		624 B
976 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPeBDRCI53MYoMnOnQEwAQ&v=APEucNXBMbixtjrE6w87RBkcVHe9FGOZNo-UymJYaIKCdhl9mrMJipoNTWVXXRf0rQ7T-lIFMn5WxsOt2lucTZQsTzgOniWFxg
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Fri, 12 Aug 2022 00:47:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/ Frame 201A 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/abg_lite_fy2021.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 17:32:52 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/ Frame 201A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
4024001306453174559
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 17:32:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 201A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 07:23:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 201A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 23:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 23:26:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 201A 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 00:47:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 201A 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 22:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 22:30:49 GMT
l
www.google.com/ads/measurement/ Frame 201A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfM080UpCxybWsyf7Cqkrcpb8YnGwAkpTbFyF91Z19LLdbUS16foIRF5m5DxY9eUaglpmrR_BE79myX1AO4TBC4ZLbEQ
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 201A 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B7dtGsInPU04EP_h7-HRUCupcgCbh3O5MgUF4XhlczP52UTocUnHJ2FkREdvxIKEwDy-_EWvwXwGcIPyzetXrqcJnfcKc_kvUmnNuyVYJFoN3L_G4
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/ Frame F37B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
5162546928090487746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 17:32:47 GMT
more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F37B 		233 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 08 Aug 2022 22:08:47 GMT
x-content-type-options
nosniff
age
268713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 08 Aug 2023 22:08:47 GMT
5436305376877484266
s0.2mdn.net/simgad/ Frame 201A 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5436305376877484266
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13130f2c1739d29b57a8a37d990f3f3771ca3a48f04ce2075210ba786f9829a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Sat, 06 Aug 2022 18:13:19 GMT
x-content-type-options
nosniff
age
455641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112456
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 20:37:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 06 Aug 2023 18:13:19 GMT
increment
id5-sync.com/api/esp/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://vov.vn
date
Fri, 12 Aug 2022 00:47:20 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
pixel
googleads.g.doubleclick.net/xbbe/ Frame E3DE 		624 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDM7bECGNSVpMoBMAE&v=APEucNXGVksMebNWbddsWpl-FXPM9Of1pLjjBpjGWhXmqJYf3FA5P1kAmGlGe0x2a3dFhq1BaAzLKCFgn6YdCnNi4c7_zcTkWQ
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Fri, 12 Aug 2022 00:47:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D14A 		63 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DXNEG2Q3F0_r9ul4DSyVLDQL25pgpAmEYWqzI-Ae91M23glg8QjR5imrd5KF_Kr_17OQOOSm5fCHokgAxWdxf5HfJhVNyJGovE4SerQsQbK73BO1HKZsyqiOXCyj9w9E8dv2a-XG0oQaW-JlKDpZc2rffQ&dbm_d=AKAmf-B43NNrJAjVY2n_L279loi8Z3k-ZRvSzttOWb7LpHXsZuJ023dbPRoft3fKVpfJPd--AsTOvILxE3FGhef-81bUWQn_2uVMSRfyqjuRje-o4cWNEtDt1gPdVxsppBrC5xmUica_vdJecXMMJRJuqViwPSJyiWRAliArb2vk8teYdgktYXmisQFR7OenlMEcsZy0SM5FFrjM__iIwkIDcNX8LSwkNUK2HgP_kBaVocYlR4qKHj62uHBhBFWBA-F3Stmm5W8NtkII1o_1n5E0deIsi_ueyaq3h8V_farHfKmNnxs7dcO897yheoYifsclBWkH-MB3R83FpfnmpsTdPMXVXLuuAv19g--9qEsnssrTe6V2IFDRWLgjorXeuKnQr5aHCUMFTUdHueCTwL7x_sXGmAUc3IAlSJFpksGip1Hx-CP4vQzGXZYZVX5x6daPJ5yJu2RUMbl9e7RAPmttsMPvBa1jXam449ckyXEshAEO9WCHOv5aKShTl5P3v80A99N0w5iP-GQ40wuYRjq26hQGWH9_tD8n2rZaRVv23HBTopfY3tuiA0cMEpLtxChV1Po3aGgUKmlXkec_6LETdHTuxkZc2bwiIYnNv5uDmYYY8h61NwyDtRHPUoGV4YdzIilkU5QgQxNNrkKx8m8YtwT8Yy1MRmGQuxRApRFctawxEyLI4XIT5OM_FN90KgxH9uLtPTdrKUezIpYGzJT10a__cePCbeyujgSXtdlJgyg95a2csbA-7TDUMMEuUNou5DteLCHD6IQJ_U-U9a_Cc_uPuAZkR1QY5q2yLWEZjFelPgh2NZfjgDV9f5mhJka3DN7cH6YspbIYCuJNrWBasQpRTzSn9nVUcQHHPdf-gco7SPURqgiN1TzEZxyD8Lcs0ARUPnP9AIseyBnnsSw2cKJJMEHjswZJJwfXHKM5FC1sRhOcZ8z9xBR8B4FAAa_r3WuA5Ophj_tej8hKTyaqJ5CdzUn0lG2HMslHmr2thW7OHuw6FVLV_aBVveKsQazDhLuhcJ2hpYmTNVkBOfPRpk-Q3XjYklCV2CMAUBiNk2k9ukOXAsbU7_FLepgQBG5_Dsz3xp0EaLv2GmvhaldKwdwwQI8820BZ5GUDy5vIwAdm8Z4ZNfAv8st4YDm70mJzqCeP13wEIGsRXvUH9MgVZkfhE_J8BTRLatZmnQ_aBr2CX3ZX-_rsORyOzuvlkm9Erq_48-TTQDypcxTbNSbfuESwj_YnfBK1sj4LUVLfxb6H_ChLrWnskVlQTDt6LUGou4Wb1uTOjHIEU4A08I69CYMoWU_xDllM-ADp7iZUaqhgNvmb7hlUwvC4VcQ8hVCucNN3S7bwSkOYDlzR17TTzBNQGlzTuMe85qttKaKH35ourTktPc6cEV67Aij3YWOjudVimD7gzPpD-w0IeKzVPy52bsdkf-WIhaPK0yL_L90uMQqsuXefyRxjaof2AdE3euO6iR6OgjLjWx-GpPZuOsh9uw_gO0N4GVc7pdnVu5xaI9gh7BExKQlGAtXD-Yg9AbL8fmIVl1M3Hd4yR-FcDkHyBmD7OlPxpdLTnMzNWYwDT9Zu6frRB8s_QzMzehJlaw_JYq7jVTT-8FUjTcjLo9fdUpQN6UCe24uUpIlBivhdtEdUhOHFoLUVq-fzXyieBBaY7Qve8cn2OHyzVl8hHHm7fIrz_vK-0ncIwhjdxsFFYJscLqcRE047KC26Oc2FLERlj4L7lu9XK7J1FRkaL-zyUq5pUykFt85InUYl3t9-ZKxHwsec0wWgOIMroKCHmaKZe1Uhpt_KF-fHL9Oxdj0_hFoh8tQVZeJxg1h7NcsSkwlplUXhXpPrnHvm8n9SshQbzGe6rq_jn9jCz9-Fnci4h--hizZWnzYcgHpTRwHqo_RJ98YsV_Wjy96vlRsS7KogQUR0yZcHvC3DVm1uirVp3gnHOaoSixfY2fEXkyNT7YlNRLBbhpXMkukjofu_A6GgPBlW7jZMHh8n3eWCZlcifq85B1Bop2TSHi4URd9RFcBVm-8gdCCKzq7qNsC3weCSaLfVxrcwE3y6amPQlGq3_nDmM_m3AakEyYF2VQpI_l_gb2UIIHj0s4Iie7_iwP525sPlt64YLt4Xo5Zix6PafqcQoPvkXg4jSwIWPLBy2tVNPOaRh4AhNuajSwJWIk2t5LzGYJsmzPfMLoxsH6HPFyQdsIhWbIpGO_Co9bPN-qjlRCb4etxNuPNYssmu1XZKbA4OaKVvwZmsGwidM-YSQ-ttMWMvQkRpzjEXr0VEvHDCuPYi9horcatYG_NeO5VQKfD4xLMFnekB85pMbsWoT5Acxg-6wQMwaNpdelbNKMdOg2jn_IDBfhPT-TMf6GWhNP1ME2AS4oTIEQr6QdiJdxtwk9a8Y8wnHQcHt8iVuPI7PBRoXb9VytmIcp-SPWki3EJhUybAUSZjlBLkoEBcu6lwbugizEsmhXO7okkGH5-yH6jB8LdPtcC87qGJBBI_0et9QbsjY8P01OpPAPaOAEC7XHAnTDCWj3RSub15m4KvViKzti3bYWAYSz78Y-Jvjub5p01MxLzFo1qMhDxNfyyFCBI0TgCsUgdlBD-b9IJt2xyHZ-DZRCI2LwSOvDF13-or3qPDpHRL7NP7XJ45BfF6DhuXiQUCeVHehzQ50f2JCosGLcBlpYWhvSlprGuu69hz2YdL-KwpY_nEcDlOrWg49k7aXkD_8Njt2u8riZy3-j8mk0OqqOkFwJ7j6AuKvtSr_6eXS7uZtVRT9DexfZnkWiuqtHv9MW8KjADiuMOAN6910t6WQ1botvXTSEZ-Y3EZnolqL6gOrzgZUn_Si8t3f6lYRgGHWLv4siLFQHRaK583456aSbPckWsoz2uEFkK9y2OVEkR4td2A9KnOPWecdCfWJJEeNC_zjlU3lZoOtLCojQ_R7fIvqX_YmF0_J-__7LA9h_ZLL7s3vXmavEl7jZjgug8YhW7c8oxI3hotup1wGxMOxJT832xR4ldJw8zC-7-9XyGn3t8Fc28KsScp8XOPXs2EChYs1d3vEwH-35NbtBUzO48CsJzNaF55hqRlF6BtaSSs4IHIy-UAEcAParR7payctZYEVIkrxpB2gQ7mNKxayW1Cmaw-W4w3bRCmpw6qIfB5sYRMC8FzbwBOk-7uR0AbrUNdNhmgj4mbDaZDuXbSBTp0b9-StIC-VB6Uy73Cn9inxEzWE2V9eCmEkAAWw7E40KaztWNDEb-eMD9uzIzMdU-UQXBsmYaDAc-ZSJlTI8sPQk9rfRSQZePWr6EHkgGSOyaEY-bA0DVrYS0GI3OFn_63ql9SYn9S9nUXBjbC-cT9P3KIvf6mMVH1ta0tIItVWWXCjuZ2R4uZ_21dJ6Xg5KIfKwc2x-OlokIN3RCu1rNxBoemPia25JYgUjTmukywbYAuGYQ7gwvRzHAi0-z42tnjFRPhR-T2bd3pS1KJ5XOsLoFRaVBCWtaU-4GrFBAzzL5mh0zeLuSV_2n4urgCljrZryBoW4yixGBYQ1DBd9SyWH1w1VNZXulQxAya0_VTroHF1igL3ujm6hg&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebcf1e8759c084d7337263d73019fb61f87c378c228bf7070256cd159230ceee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29858
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D14A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BMY4vYrDXYMAGp5W_bTCJ6kfa-guTNAxEEtiWL2yl8J-V9fo5gLvd87k-xlobA0kIHL2uz6vhRIPmBLuF3ZrfgD8ZZqeGVLWHNBefO7OJB6N7sth4
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame D14A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:32:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D14A 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 00:47:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame D14A 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:35:23 GMT
l
www.google.com/ads/measurement/ Frame D14A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQA0Di-7d3nttIsVNE6Tw0tUGsbC0InNm1lwG7jpWMcMKXW51h2XFJkxTIBVdeeOkDFxvtQ_zOKNbH5-reNanTZZQCxgQ
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 27AA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
150946
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:51:34 GMT
expires
Thu, 10 Aug 2023 06:51:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame A8D4 		623 B
830 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6433fd5bc6f057d1db3a5d3f04a64f56295dbcefc44675ad56889ec9a88181db

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
405
content-type
text/html
date
Fri, 12 Aug 2022 00:47:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ajax
sp.zalo.me/ Frame DDAE 		12 B
346 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sp.zalo.me/ajax
Requested by
Host: button-share.zalo.me
URL: https://button-share.zalo.me/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
756747db3619ec2d34b02fa199a048b937bc3d207904ca8bafcb2cecca097a8f
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://button-share.zalo.me/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
server
za-ngx-srv
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://button-share.zalo.me
access-control-allow-credentials
true
strict-transport-security
max-age=86400
access-control-allow-headers
X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept
content-length
12
ajax
sp.zalo.me/ Frame DDAE 		204 B
848 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sp.zalo.me/ajax
Requested by
Host: button-share.zalo.me
URL: https://button-share.zalo.me/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS
Software
za-ngx-srv /
Resource Hash
677485a2d891e5bf42d7479286519fcf95e123aab28c1bb88f8f97949dc1b413
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://button-share.zalo.me/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
server
za-ngx-srv
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://button-share.zalo.me
access-control-allow-credentials
true
strict-transport-security
max-age=86400
access-control-allow-headers
X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept
content-length
204
map
bcp.crwdcntrl.net/6/ 		227 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.252.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-252-20.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
844ed1e118884880682cb2a3d50fd7922e13fa9528b6a930237e1f9d999b5b8f

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://vov.vn
cache-control
no-cache
x-server
10.40.12.106
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
227
expires
0
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame 27AA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
234070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:46:11 GMT
rum
dsum-sec.casalemedia.com/ Frame 93FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPeBDRCI53MYoMnOnQEwAQ&v=APEucNXBMbixtjrE6w87RBkcVHe9FGOZNo-UymJYaIKCdhl9mrMJipoNTWVXXRf0rQ7T-lIFMn5WxsOt2lucTZQsTzgOniWFxg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

cf-ray
739532fe6f0c02f1-MIA
pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TM9m2hQ1kLiQIGDjNfnUQ28CPMEE4TMTi%2FpjvrVsd1sYq7R4fF4%2FEkSnmqKjFjtmebk%2FdKFbYBS0jV2%2BlRwRKr4UKGCnzRzhMtUInJld9IhALxAhMsa9nlLGN2D2xail%2BIABaxtHd%2B4lQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 93FD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvWjGXEaGrshXuHbOhvpzwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPeBDRCI53MYoMnOnQEwAQ&v=APEucNXBMbixtjrE6w87RBkcVHe9FGOZNo-UymJYaIKCdhl9mrMJipoNTWVXXRf0rQ7T-lIFMn5WxsOt2lucTZQsTzgOniWFxg
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

cf-ray
739533006aba02f1-MIA
pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zziFJl5AKxpzA7Yi2y9Wl1Pf8oF8Ytnlfhi4YAr209EQNpA6TR7nXoVLdVgqAMgze%2F%2FRboljvVBUxudYrAg87kVN8AdScFlvLKpCo7oqPZ8Sw87uyRjFnrhe9X43Sx1HcYg%2FCiro4vXDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 93FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPeBDRCI53MYoMnOnQEwAQ&v=APEucNXBMbixtjrE6w87RBkcVHe9FGOZNo-UymJYaIKCdhl9mrMJipoNTWVXXRf0rQ7T-lIFMn5WxsOt2lucTZQsTzgOniWFxg
Protocol
HTTP/1.1
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:21 GMT
X-Proxy-Origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a33c8beb-990f-41a2-a20c-1a3073e862a7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 93FD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPeBDRCI53MYoMnOnQEwAQ&v=APEucNXBMbixtjrE6w87RBkcVHe9FGOZNo-UymJYaIKCdhl9mrMJipoNTWVXXRf0rQ7T-lIFMn5WxsOt2lucTZQsTzgOniWFxg
Protocol
H2
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:21 GMT
X-Proxy-Origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
db91e0e1-d54e-4fa0-8fe5-fb0dc1cee745
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E3DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDM7bECGNSVpMoBMAE&v=APEucNXGVksMebNWbddsWpl-FXPM9Of1pLjjBpjGWhXmqJYf3FA5P1kAmGlGe0x2a3dFhq1BaAzLKCFgn6YdCnNi4c7_zcTkWQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

cf-ray
739532fe6f0802f1-MIA
pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwfXuRDV20Es6fwZCFmUMPD7vX9%2B5zBTozf3siE%2BqDecytJQey9ALcCsFk8MT9Ui6kZahoZCkX8l%2FaGOGIykQKLrKx4D7HUAL8BS4T3WN7JGESyqq6xsBH4FVbLgeiZEKfasLpo4JdjdhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E3DE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvWjGXEaGrshXuHbOhvpzwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDM7bECGNSVpMoBMAE&v=APEucNXGVksMebNWbddsWpl-FXPM9Of1pLjjBpjGWhXmqJYf3FA5P1kAmGlGe0x2a3dFhq1BaAzLKCFgn6YdCnNi4c7_zcTkWQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

cf-ray
739533006abb02f1-MIA
pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe0B2q3YcBxuhe3YILNf%2FuSfthZSRKLN8B2a6dW9ul0x2NxIq1NWy9TBGZvu7MxM02AltmWeF1I0eqDC6KkCF2WwFuk1ZSRAh0EdOTNC%2F4NRI1EdNmjIcrxBfTPDGDaWaQyXohrY94YiFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E3DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDM7bECGNSVpMoBMAE&v=APEucNXGVksMebNWbddsWpl-FXPM9Of1pLjjBpjGWhXmqJYf3FA5P1kAmGlGe0x2a3dFhq1BaAzLKCFgn6YdCnNi4c7_zcTkWQ
Protocol
HTTP/1.1
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:21 GMT
X-Proxy-Origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b784a7b4-47fe-4f4c-9045-fe498ad3ca6d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E3DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBDM7bECGNSVpMoBMAE&v=APEucNXGVksMebNWbddsWpl-FXPM9Of1pLjjBpjGWhXmqJYf3FA5P1kAmGlGe0x2a3dFhq1BaAzLKCFgn6YdCnNi4c7_zcTkWQ
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:21 GMT
X-Proxy-Origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fbea09bd-268c-4692-bb18-8cc53f90237f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncframe
gum.criteo.com/ Frame 3BD5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=vov.vn
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
179d24471f149868157b3b0ab265d6cc20c30f0e395d84dc1ca558185d6776ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:21 GMT
server-processing-duration-in-ticks
1806
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame D14A 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DXNEG2Q3F0_r9ul4DSyVLDQL25pgpAmEYWqzI-Ae91M23glg8QjR5imrd5KF_Kr_17OQOOSm5fCHokgAxWdxf5HfJhVNyJGovE4SerQsQbK73BO1HKZsyqiOXCyj9w9E8dv2a-XG0oQaW-JlKDpZc2rffQ&dbm_d=AKAmf-B43NNrJAjVY2n_L279loi8Z3k-ZRvSzttOWb7LpHXsZuJ023dbPRoft3fKVpfJPd--AsTOvILxE3FGhef-81bUWQn_2uVMSRfyqjuRje-o4cWNEtDt1gPdVxsppBrC5xmUica_vdJecXMMJRJuqViwPSJyiWRAliArb2vk8teYdgktYXmisQFR7OenlMEcsZy0SM5FFrjM__iIwkIDcNX8LSwkNUK2HgP_kBaVocYlR4qKHj62uHBhBFWBA-F3Stmm5W8NtkII1o_1n5E0deIsi_ueyaq3h8V_farHfKmNnxs7dcO897yheoYifsclBWkH-MB3R83FpfnmpsTdPMXVXLuuAv19g--9qEsnssrTe6V2IFDRWLgjorXeuKnQr5aHCUMFTUdHueCTwL7x_sXGmAUc3IAlSJFpksGip1Hx-CP4vQzGXZYZVX5x6daPJ5yJu2RUMbl9e7RAPmttsMPvBa1jXam449ckyXEshAEO9WCHOv5aKShTl5P3v80A99N0w5iP-GQ40wuYRjq26hQGWH9_tD8n2rZaRVv23HBTopfY3tuiA0cMEpLtxChV1Po3aGgUKmlXkec_6LETdHTuxkZc2bwiIYnNv5uDmYYY8h61NwyDtRHPUoGV4YdzIilkU5QgQxNNrkKx8m8YtwT8Yy1MRmGQuxRApRFctawxEyLI4XIT5OM_FN90KgxH9uLtPTdrKUezIpYGzJT10a__cePCbeyujgSXtdlJgyg95a2csbA-7TDUMMEuUNou5DteLCHD6IQJ_U-U9a_Cc_uPuAZkR1QY5q2yLWEZjFelPgh2NZfjgDV9f5mhJka3DN7cH6YspbIYCuJNrWBasQpRTzSn9nVUcQHHPdf-gco7SPURqgiN1TzEZxyD8Lcs0ARUPnP9AIseyBnnsSw2cKJJMEHjswZJJwfXHKM5FC1sRhOcZ8z9xBR8B4FAAa_r3WuA5Ophj_tej8hKTyaqJ5CdzUn0lG2HMslHmr2thW7OHuw6FVLV_aBVveKsQazDhLuhcJ2hpYmTNVkBOfPRpk-Q3XjYklCV2CMAUBiNk2k9ukOXAsbU7_FLepgQBG5_Dsz3xp0EaLv2GmvhaldKwdwwQI8820BZ5GUDy5vIwAdm8Z4ZNfAv8st4YDm70mJzqCeP13wEIGsRXvUH9MgVZkfhE_J8BTRLatZmnQ_aBr2CX3ZX-_rsORyOzuvlkm9Erq_48-TTQDypcxTbNSbfuESwj_YnfBK1sj4LUVLfxb6H_ChLrWnskVlQTDt6LUGou4Wb1uTOjHIEU4A08I69CYMoWU_xDllM-ADp7iZUaqhgNvmb7hlUwvC4VcQ8hVCucNN3S7bwSkOYDlzR17TTzBNQGlzTuMe85qttKaKH35ourTktPc6cEV67Aij3YWOjudVimD7gzPpD-w0IeKzVPy52bsdkf-WIhaPK0yL_L90uMQqsuXefyRxjaof2AdE3euO6iR6OgjLjWx-GpPZuOsh9uw_gO0N4GVc7pdnVu5xaI9gh7BExKQlGAtXD-Yg9AbL8fmIVl1M3Hd4yR-FcDkHyBmD7OlPxpdLTnMzNWYwDT9Zu6frRB8s_QzMzehJlaw_JYq7jVTT-8FUjTcjLo9fdUpQN6UCe24uUpIlBivhdtEdUhOHFoLUVq-fzXyieBBaY7Qve8cn2OHyzVl8hHHm7fIrz_vK-0ncIwhjdxsFFYJscLqcRE047KC26Oc2FLERlj4L7lu9XK7J1FRkaL-zyUq5pUykFt85InUYl3t9-ZKxHwsec0wWgOIMroKCHmaKZe1Uhpt_KF-fHL9Oxdj0_hFoh8tQVZeJxg1h7NcsSkwlplUXhXpPrnHvm8n9SshQbzGe6rq_jn9jCz9-Fnci4h--hizZWnzYcgHpTRwHqo_RJ98YsV_Wjy96vlRsS7KogQUR0yZcHvC3DVm1uirVp3gnHOaoSixfY2fEXkyNT7YlNRLBbhpXMkukjofu_A6GgPBlW7jZMHh8n3eWCZlcifq85B1Bop2TSHi4URd9RFcBVm-8gdCCKzq7qNsC3weCSaLfVxrcwE3y6amPQlGq3_nDmM_m3AakEyYF2VQpI_l_gb2UIIHj0s4Iie7_iwP525sPlt64YLt4Xo5Zix6PafqcQoPvkXg4jSwIWPLBy2tVNPOaRh4AhNuajSwJWIk2t5LzGYJsmzPfMLoxsH6HPFyQdsIhWbIpGO_Co9bPN-qjlRCb4etxNuPNYssmu1XZKbA4OaKVvwZmsGwidM-YSQ-ttMWMvQkRpzjEXr0VEvHDCuPYi9horcatYG_NeO5VQKfD4xLMFnekB85pMbsWoT5Acxg-6wQMwaNpdelbNKMdOg2jn_IDBfhPT-TMf6GWhNP1ME2AS4oTIEQr6QdiJdxtwk9a8Y8wnHQcHt8iVuPI7PBRoXb9VytmIcp-SPWki3EJhUybAUSZjlBLkoEBcu6lwbugizEsmhXO7okkGH5-yH6jB8LdPtcC87qGJBBI_0et9QbsjY8P01OpPAPaOAEC7XHAnTDCWj3RSub15m4KvViKzti3bYWAYSz78Y-Jvjub5p01MxLzFo1qMhDxNfyyFCBI0TgCsUgdlBD-b9IJt2xyHZ-DZRCI2LwSOvDF13-or3qPDpHRL7NP7XJ45BfF6DhuXiQUCeVHehzQ50f2JCosGLcBlpYWhvSlprGuu69hz2YdL-KwpY_nEcDlOrWg49k7aXkD_8Njt2u8riZy3-j8mk0OqqOkFwJ7j6AuKvtSr_6eXS7uZtVRT9DexfZnkWiuqtHv9MW8KjADiuMOAN6910t6WQ1botvXTSEZ-Y3EZnolqL6gOrzgZUn_Si8t3f6lYRgGHWLv4siLFQHRaK583456aSbPckWsoz2uEFkK9y2OVEkR4td2A9KnOPWecdCfWJJEeNC_zjlU3lZoOtLCojQ_R7fIvqX_YmF0_J-__7LA9h_ZLL7s3vXmavEl7jZjgug8YhW7c8oxI3hotup1wGxMOxJT832xR4ldJw8zC-7-9XyGn3t8Fc28KsScp8XOPXs2EChYs1d3vEwH-35NbtBUzO48CsJzNaF55hqRlF6BtaSSs4IHIy-UAEcAParR7payctZYEVIkrxpB2gQ7mNKxayW1Cmaw-W4w3bRCmpw6qIfB5sYRMC8FzbwBOk-7uR0AbrUNdNhmgj4mbDaZDuXbSBTp0b9-StIC-VB6Uy73Cn9inxEzWE2V9eCmEkAAWw7E40KaztWNDEb-eMD9uzIzMdU-UQXBsmYaDAc-ZSJlTI8sPQk9rfRSQZePWr6EHkgGSOyaEY-bA0DVrYS0GI3OFn_63ql9SYn9S9nUXBjbC-cT9P3KIvf6mMVH1ta0tIItVWWXCjuZ2R4uZ_21dJ6Xg5KIfKwc2x-OlokIN3RCu1rNxBoemPia25JYgUjTmukywbYAuGYQ7gwvRzHAi0-z42tnjFRPhR-T2bd3pS1KJ5XOsLoFRaVBCWtaU-4GrFBAzzL5mh0zeLuSV_2n4urgCljrZryBoW4yixGBYQ1DBd9SyWH1w1VNZXulQxAya0_VTroHF1igL3ujm6hg&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:46:58 GMT
10535115410790518687
s0.2mdn.net/simgad/ Frame D14A 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10535115410790518687
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DXNEG2Q3F0_r9ul4DSyVLDQL25pgpAmEYWqzI-Ae91M23glg8QjR5imrd5KF_Kr_17OQOOSm5fCHokgAxWdxf5HfJhVNyJGovE4SerQsQbK73BO1HKZsyqiOXCyj9w9E8dv2a-XG0oQaW-JlKDpZc2rffQ&dbm_d=AKAmf-B43NNrJAjVY2n_L279loi8Z3k-ZRvSzttOWb7LpHXsZuJ023dbPRoft3fKVpfJPd--AsTOvILxE3FGhef-81bUWQn_2uVMSRfyqjuRje-o4cWNEtDt1gPdVxsppBrC5xmUica_vdJecXMMJRJuqViwPSJyiWRAliArb2vk8teYdgktYXmisQFR7OenlMEcsZy0SM5FFrjM__iIwkIDcNX8LSwkNUK2HgP_kBaVocYlR4qKHj62uHBhBFWBA-F3Stmm5W8NtkII1o_1n5E0deIsi_ueyaq3h8V_farHfKmNnxs7dcO897yheoYifsclBWkH-MB3R83FpfnmpsTdPMXVXLuuAv19g--9qEsnssrTe6V2IFDRWLgjorXeuKnQr5aHCUMFTUdHueCTwL7x_sXGmAUc3IAlSJFpksGip1Hx-CP4vQzGXZYZVX5x6daPJ5yJu2RUMbl9e7RAPmttsMPvBa1jXam449ckyXEshAEO9WCHOv5aKShTl5P3v80A99N0w5iP-GQ40wuYRjq26hQGWH9_tD8n2rZaRVv23HBTopfY3tuiA0cMEpLtxChV1Po3aGgUKmlXkec_6LETdHTuxkZc2bwiIYnNv5uDmYYY8h61NwyDtRHPUoGV4YdzIilkU5QgQxNNrkKx8m8YtwT8Yy1MRmGQuxRApRFctawxEyLI4XIT5OM_FN90KgxH9uLtPTdrKUezIpYGzJT10a__cePCbeyujgSXtdlJgyg95a2csbA-7TDUMMEuUNou5DteLCHD6IQJ_U-U9a_Cc_uPuAZkR1QY5q2yLWEZjFelPgh2NZfjgDV9f5mhJka3DN7cH6YspbIYCuJNrWBasQpRTzSn9nVUcQHHPdf-gco7SPURqgiN1TzEZxyD8Lcs0ARUPnP9AIseyBnnsSw2cKJJMEHjswZJJwfXHKM5FC1sRhOcZ8z9xBR8B4FAAa_r3WuA5Ophj_tej8hKTyaqJ5CdzUn0lG2HMslHmr2thW7OHuw6FVLV_aBVveKsQazDhLuhcJ2hpYmTNVkBOfPRpk-Q3XjYklCV2CMAUBiNk2k9ukOXAsbU7_FLepgQBG5_Dsz3xp0EaLv2GmvhaldKwdwwQI8820BZ5GUDy5vIwAdm8Z4ZNfAv8st4YDm70mJzqCeP13wEIGsRXvUH9MgVZkfhE_J8BTRLatZmnQ_aBr2CX3ZX-_rsORyOzuvlkm9Erq_48-TTQDypcxTbNSbfuESwj_YnfBK1sj4LUVLfxb6H_ChLrWnskVlQTDt6LUGou4Wb1uTOjHIEU4A08I69CYMoWU_xDllM-ADp7iZUaqhgNvmb7hlUwvC4VcQ8hVCucNN3S7bwSkOYDlzR17TTzBNQGlzTuMe85qttKaKH35ourTktPc6cEV67Aij3YWOjudVimD7gzPpD-w0IeKzVPy52bsdkf-WIhaPK0yL_L90uMQqsuXefyRxjaof2AdE3euO6iR6OgjLjWx-GpPZuOsh9uw_gO0N4GVc7pdnVu5xaI9gh7BExKQlGAtXD-Yg9AbL8fmIVl1M3Hd4yR-FcDkHyBmD7OlPxpdLTnMzNWYwDT9Zu6frRB8s_QzMzehJlaw_JYq7jVTT-8FUjTcjLo9fdUpQN6UCe24uUpIlBivhdtEdUhOHFoLUVq-fzXyieBBaY7Qve8cn2OHyzVl8hHHm7fIrz_vK-0ncIwhjdxsFFYJscLqcRE047KC26Oc2FLERlj4L7lu9XK7J1FRkaL-zyUq5pUykFt85InUYl3t9-ZKxHwsec0wWgOIMroKCHmaKZe1Uhpt_KF-fHL9Oxdj0_hFoh8tQVZeJxg1h7NcsSkwlplUXhXpPrnHvm8n9SshQbzGe6rq_jn9jCz9-Fnci4h--hizZWnzYcgHpTRwHqo_RJ98YsV_Wjy96vlRsS7KogQUR0yZcHvC3DVm1uirVp3gnHOaoSixfY2fEXkyNT7YlNRLBbhpXMkukjofu_A6GgPBlW7jZMHh8n3eWCZlcifq85B1Bop2TSHi4URd9RFcBVm-8gdCCKzq7qNsC3weCSaLfVxrcwE3y6amPQlGq3_nDmM_m3AakEyYF2VQpI_l_gb2UIIHj0s4Iie7_iwP525sPlt64YLt4Xo5Zix6PafqcQoPvkXg4jSwIWPLBy2tVNPOaRh4AhNuajSwJWIk2t5LzGYJsmzPfMLoxsH6HPFyQdsIhWbIpGO_Co9bPN-qjlRCb4etxNuPNYssmu1XZKbA4OaKVvwZmsGwidM-YSQ-ttMWMvQkRpzjEXr0VEvHDCuPYi9horcatYG_NeO5VQKfD4xLMFnekB85pMbsWoT5Acxg-6wQMwaNpdelbNKMdOg2jn_IDBfhPT-TMf6GWhNP1ME2AS4oTIEQr6QdiJdxtwk9a8Y8wnHQcHt8iVuPI7PBRoXb9VytmIcp-SPWki3EJhUybAUSZjlBLkoEBcu6lwbugizEsmhXO7okkGH5-yH6jB8LdPtcC87qGJBBI_0et9QbsjY8P01OpPAPaOAEC7XHAnTDCWj3RSub15m4KvViKzti3bYWAYSz78Y-Jvjub5p01MxLzFo1qMhDxNfyyFCBI0TgCsUgdlBD-b9IJt2xyHZ-DZRCI2LwSOvDF13-or3qPDpHRL7NP7XJ45BfF6DhuXiQUCeVHehzQ50f2JCosGLcBlpYWhvSlprGuu69hz2YdL-KwpY_nEcDlOrWg49k7aXkD_8Njt2u8riZy3-j8mk0OqqOkFwJ7j6AuKvtSr_6eXS7uZtVRT9DexfZnkWiuqtHv9MW8KjADiuMOAN6910t6WQ1botvXTSEZ-Y3EZnolqL6gOrzgZUn_Si8t3f6lYRgGHWLv4siLFQHRaK583456aSbPckWsoz2uEFkK9y2OVEkR4td2A9KnOPWecdCfWJJEeNC_zjlU3lZoOtLCojQ_R7fIvqX_YmF0_J-__7LA9h_ZLL7s3vXmavEl7jZjgug8YhW7c8oxI3hotup1wGxMOxJT832xR4ldJw8zC-7-9XyGn3t8Fc28KsScp8XOPXs2EChYs1d3vEwH-35NbtBUzO48CsJzNaF55hqRlF6BtaSSs4IHIy-UAEcAParR7payctZYEVIkrxpB2gQ7mNKxayW1Cmaw-W4w3bRCmpw6qIfB5sYRMC8FzbwBOk-7uR0AbrUNdNhmgj4mbDaZDuXbSBTp0b9-StIC-VB6Uy73Cn9inxEzWE2V9eCmEkAAWw7E40KaztWNDEb-eMD9uzIzMdU-UQXBsmYaDAc-ZSJlTI8sPQk9rfRSQZePWr6EHkgGSOyaEY-bA0DVrYS0GI3OFn_63ql9SYn9S9nUXBjbC-cT9P3KIvf6mMVH1ta0tIItVWWXCjuZ2R4uZ_21dJ6Xg5KIfKwc2x-OlokIN3RCu1rNxBoemPia25JYgUjTmukywbYAuGYQ7gwvRzHAi0-z42tnjFRPhR-T2bd3pS1KJ5XOsLoFRaVBCWtaU-4GrFBAzzL5mh0zeLuSV_2n4urgCljrZryBoW4yixGBYQ1DBd9SyWH1w1VNZXulQxAya0_VTroHF1igL3ujm6hg&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eabb639749e4e2476d1ce91349bb44a33057a256b2bb167f26645fd702ff84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 08 Aug 2022 10:12:25 GMT
x-content-type-options
nosniff
age
311696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156519
x-xss-protection
0
last-modified
Sun, 22 May 2022 07:20:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 10:12:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame D14A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DXNEG2Q3F0_r9ul4DSyVLDQL25pgpAmEYWqzI-Ae91M23glg8QjR5imrd5KF_Kr_17OQOOSm5fCHokgAxWdxf5HfJhVNyJGovE4SerQsQbK73BO1HKZsyqiOXCyj9w9E8dv2a-XG0oQaW-JlKDpZc2rffQ&dbm_d=AKAmf-B43NNrJAjVY2n_L279loi8Z3k-ZRvSzttOWb7LpHXsZuJ023dbPRoft3fKVpfJPd--AsTOvILxE3FGhef-81bUWQn_2uVMSRfyqjuRje-o4cWNEtDt1gPdVxsppBrC5xmUica_vdJecXMMJRJuqViwPSJyiWRAliArb2vk8teYdgktYXmisQFR7OenlMEcsZy0SM5FFrjM__iIwkIDcNX8LSwkNUK2HgP_kBaVocYlR4qKHj62uHBhBFWBA-F3Stmm5W8NtkII1o_1n5E0deIsi_ueyaq3h8V_farHfKmNnxs7dcO897yheoYifsclBWkH-MB3R83FpfnmpsTdPMXVXLuuAv19g--9qEsnssrTe6V2IFDRWLgjorXeuKnQr5aHCUMFTUdHueCTwL7x_sXGmAUc3IAlSJFpksGip1Hx-CP4vQzGXZYZVX5x6daPJ5yJu2RUMbl9e7RAPmttsMPvBa1jXam449ckyXEshAEO9WCHOv5aKShTl5P3v80A99N0w5iP-GQ40wuYRjq26hQGWH9_tD8n2rZaRVv23HBTopfY3tuiA0cMEpLtxChV1Po3aGgUKmlXkec_6LETdHTuxkZc2bwiIYnNv5uDmYYY8h61NwyDtRHPUoGV4YdzIilkU5QgQxNNrkKx8m8YtwT8Yy1MRmGQuxRApRFctawxEyLI4XIT5OM_FN90KgxH9uLtPTdrKUezIpYGzJT10a__cePCbeyujgSXtdlJgyg95a2csbA-7TDUMMEuUNou5DteLCHD6IQJ_U-U9a_Cc_uPuAZkR1QY5q2yLWEZjFelPgh2NZfjgDV9f5mhJka3DN7cH6YspbIYCuJNrWBasQpRTzSn9nVUcQHHPdf-gco7SPURqgiN1TzEZxyD8Lcs0ARUPnP9AIseyBnnsSw2cKJJMEHjswZJJwfXHKM5FC1sRhOcZ8z9xBR8B4FAAa_r3WuA5Ophj_tej8hKTyaqJ5CdzUn0lG2HMslHmr2thW7OHuw6FVLV_aBVveKsQazDhLuhcJ2hpYmTNVkBOfPRpk-Q3XjYklCV2CMAUBiNk2k9ukOXAsbU7_FLepgQBG5_Dsz3xp0EaLv2GmvhaldKwdwwQI8820BZ5GUDy5vIwAdm8Z4ZNfAv8st4YDm70mJzqCeP13wEIGsRXvUH9MgVZkfhE_J8BTRLatZmnQ_aBr2CX3ZX-_rsORyOzuvlkm9Erq_48-TTQDypcxTbNSbfuESwj_YnfBK1sj4LUVLfxb6H_ChLrWnskVlQTDt6LUGou4Wb1uTOjHIEU4A08I69CYMoWU_xDllM-ADp7iZUaqhgNvmb7hlUwvC4VcQ8hVCucNN3S7bwSkOYDlzR17TTzBNQGlzTuMe85qttKaKH35ourTktPc6cEV67Aij3YWOjudVimD7gzPpD-w0IeKzVPy52bsdkf-WIhaPK0yL_L90uMQqsuXefyRxjaof2AdE3euO6iR6OgjLjWx-GpPZuOsh9uw_gO0N4GVc7pdnVu5xaI9gh7BExKQlGAtXD-Yg9AbL8fmIVl1M3Hd4yR-FcDkHyBmD7OlPxpdLTnMzNWYwDT9Zu6frRB8s_QzMzehJlaw_JYq7jVTT-8FUjTcjLo9fdUpQN6UCe24uUpIlBivhdtEdUhOHFoLUVq-fzXyieBBaY7Qve8cn2OHyzVl8hHHm7fIrz_vK-0ncIwhjdxsFFYJscLqcRE047KC26Oc2FLERlj4L7lu9XK7J1FRkaL-zyUq5pUykFt85InUYl3t9-ZKxHwsec0wWgOIMroKCHmaKZe1Uhpt_KF-fHL9Oxdj0_hFoh8tQVZeJxg1h7NcsSkwlplUXhXpPrnHvm8n9SshQbzGe6rq_jn9jCz9-Fnci4h--hizZWnzYcgHpTRwHqo_RJ98YsV_Wjy96vlRsS7KogQUR0yZcHvC3DVm1uirVp3gnHOaoSixfY2fEXkyNT7YlNRLBbhpXMkukjofu_A6GgPBlW7jZMHh8n3eWCZlcifq85B1Bop2TSHi4URd9RFcBVm-8gdCCKzq7qNsC3weCSaLfVxrcwE3y6amPQlGq3_nDmM_m3AakEyYF2VQpI_l_gb2UIIHj0s4Iie7_iwP525sPlt64YLt4Xo5Zix6PafqcQoPvkXg4jSwIWPLBy2tVNPOaRh4AhNuajSwJWIk2t5LzGYJsmzPfMLoxsH6HPFyQdsIhWbIpGO_Co9bPN-qjlRCb4etxNuPNYssmu1XZKbA4OaKVvwZmsGwidM-YSQ-ttMWMvQkRpzjEXr0VEvHDCuPYi9horcatYG_NeO5VQKfD4xLMFnekB85pMbsWoT5Acxg-6wQMwaNpdelbNKMdOg2jn_IDBfhPT-TMf6GWhNP1ME2AS4oTIEQr6QdiJdxtwk9a8Y8wnHQcHt8iVuPI7PBRoXb9VytmIcp-SPWki3EJhUybAUSZjlBLkoEBcu6lwbugizEsmhXO7okkGH5-yH6jB8LdPtcC87qGJBBI_0et9QbsjY8P01OpPAPaOAEC7XHAnTDCWj3RSub15m4KvViKzti3bYWAYSz78Y-Jvjub5p01MxLzFo1qMhDxNfyyFCBI0TgCsUgdlBD-b9IJt2xyHZ-DZRCI2LwSOvDF13-or3qPDpHRL7NP7XJ45BfF6DhuXiQUCeVHehzQ50f2JCosGLcBlpYWhvSlprGuu69hz2YdL-KwpY_nEcDlOrWg49k7aXkD_8Njt2u8riZy3-j8mk0OqqOkFwJ7j6AuKvtSr_6eXS7uZtVRT9DexfZnkWiuqtHv9MW8KjADiuMOAN6910t6WQ1botvXTSEZ-Y3EZnolqL6gOrzgZUn_Si8t3f6lYRgGHWLv4siLFQHRaK583456aSbPckWsoz2uEFkK9y2OVEkR4td2A9KnOPWecdCfWJJEeNC_zjlU3lZoOtLCojQ_R7fIvqX_YmF0_J-__7LA9h_ZLL7s3vXmavEl7jZjgug8YhW7c8oxI3hotup1wGxMOxJT832xR4ldJw8zC-7-9XyGn3t8Fc28KsScp8XOPXs2EChYs1d3vEwH-35NbtBUzO48CsJzNaF55hqRlF6BtaSSs4IHIy-UAEcAParR7payctZYEVIkrxpB2gQ7mNKxayW1Cmaw-W4w3bRCmpw6qIfB5sYRMC8FzbwBOk-7uR0AbrUNdNhmgj4mbDaZDuXbSBTp0b9-StIC-VB6Uy73Cn9inxEzWE2V9eCmEkAAWw7E40KaztWNDEb-eMD9uzIzMdU-UQXBsmYaDAc-ZSJlTI8sPQk9rfRSQZePWr6EHkgGSOyaEY-bA0DVrYS0GI3OFn_63ql9SYn9S9nUXBjbC-cT9P3KIvf6mMVH1ta0tIItVWWXCjuZ2R4uZ_21dJ6Xg5KIfKwc2x-OlokIN3RCu1rNxBoemPia25JYgUjTmukywbYAuGYQ7gwvRzHAi0-z42tnjFRPhR-T2bd3pS1KJ5XOsLoFRaVBCWtaU-4GrFBAzzL5mh0zeLuSV_2n4urgCljrZryBoW4yixGBYQ1DBd9SyWH1w1VNZXulQxAya0_VTroHF1igL3ujm6hg&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:40:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D14A 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuL-gnhwEuSeNoRCJrF3_v6Fwhy6630m5C8ghpnHQzrFysrRcmfeM5kEp01JMNCNu0p51YicU-NACK1s5DPk6cSrOaaVf1CQLqcIJ9d5i8Lc0fXMwL1JhyV-RGh2BDG02-KUBMGAWOG4H1i5kqYG2ZLVYLn05-ApmpVGxzblXYgXUvNKlcpLO0Oh5epXPDCTkJxUXhsf7CFOhvJME1iEsEXm2WJvk2IfGLcGj2O6pqAuyM2pHER6Gn6eF74QUpnrE97XF2ZJy9nKjoNRqaL0DaKeTmEyfxmccwoM4-9sBdofPu9-5HuZkq1VoKYwBN1xiKgt7B6k3G8Z9ZuEpnEtoeLe7kpUDjyslZ6o5TZRVyGflL_NeGaKuXq3wLltrMgEr4A53Sv0JaZYq6GN9euyGFgzaP3P-oapRYQK24cPA_jwOoxsuPQKA_doE8qW1JnBov7IO94XASJB4nVqS31Ub5FosJGB2MtqsedNq_Z44YRraWHS6A1RuLBda-cC0sFoJYUxF44dI5JOlli-E73VhVSQVdFPhZAgIESyZJpNp6i79nq_BXgZBgIBKW6ESxnA2FV_CCCgkgjq-b8mCvXMv8l4c9oMWWst7tVL0ao597ZEchW_4cTz6x7Z9YwdL3AJdWw13mTHIL8YB534RAzbSB073q8fDV8OmnsH5T-2iyHSqnBpn5bcqpUDlq8jy3DqbxkicQSlF-ButrYoNznLzGTeg6XWw3ZXhOT22aGdaa7pg-0UHlUOyeK11HgZKUmAzXVCVfrRdXbwpdEvykwjMzjsR5bApmLPKGlJvFlS1O2TzdiBb-J01pCcGkyx3qBF1WkAmgqbgqgMWoLFUDEPOslwmjeompTriZtDbQJ1CFDM5XCTiS8iU27vALuo71pCHt-sb1hmhh9SNr-y3IucLXbqyi2v7bPO9VfHkP0mDlpaDxdbtaQKvQ78p0XZAQH6WC2hrMHqFoJOOi7HGh7s4Sa9zms70jLnLDOBvIsmN48ArBygeNmZilZ-YxILmR1KUvnQgBCJNtvGi3FPPMVn3ikTVN5y-iGDh8iXsac7u8KtEhGp61B0N_iVOo8U-t6ERe4uwhKxkZl4k6BUYOMArmd-2N41lIRQlavGLDFOIlUxg-EQK7L4Ulx776uX026NH2wgYe8TNSV81wUeO7cqtfD11siFinMryc5dTU3890j0JCeabMQTL9NBLn2oOCc7WrPfS4pYcwkAc6JLZlJVia8umEvliTlVtZUWWspOdb-E14E5nx3aOdSawZS1o7Qvn0DDt99QYquizURCKfQChPT9Kz3Y1pmsGrZax6-vqyWqe0-e9XW&sai=AMfl-YSSBXhQKoqHkAdyRPfmN-D3jqzBzmkMh_t9uzZVSBBpIhVV1OaWeo0CS_rt6RAhZEHA6siZc2nKzoxKC7mqT4iZCCNrT2e5F4zPqFIDfJOl8ilSYAvhQOzA7F5PxrNwY6Dx2a56FwlBjvN32dUBI8jW9vKv46Nm_SjQ1Nmj0AGwZ7Ob2LamNCuFqTlcc6HdVbdq4Lq3ub5wRKGX7-eepW3Emsj7fr-SFA&sig=Cg0ArKJSzMSjJoso-DddEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220810.53957&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DXNEG2Q3F0_r9ul4DSyVLDQL25pgpAmEYWqzI-Ae91M23glg8QjR5imrd5KF_Kr_17OQOOSm5fCHokgAxWdxf5HfJhVNyJGovE4SerQsQbK73BO1HKZsyqiOXCyj9w9E8dv2a-XG0oQaW-JlKDpZc2rffQ&dbm_d=AKAmf-B43NNrJAjVY2n_L279loi8Z3k-ZRvSzttOWb7LpHXsZuJ023dbPRoft3fKVpfJPd--AsTOvILxE3FGhef-81bUWQn_2uVMSRfyqjuRje-o4cWNEtDt1gPdVxsppBrC5xmUica_vdJecXMMJRJuqViwPSJyiWRAliArb2vk8teYdgktYXmisQFR7OenlMEcsZy0SM5FFrjM__iIwkIDcNX8LSwkNUK2HgP_kBaVocYlR4qKHj62uHBhBFWBA-F3Stmm5W8NtkII1o_1n5E0deIsi_ueyaq3h8V_farHfKmNnxs7dcO897yheoYifsclBWkH-MB3R83FpfnmpsTdPMXVXLuuAv19g--9qEsnssrTe6V2IFDRWLgjorXeuKnQr5aHCUMFTUdHueCTwL7x_sXGmAUc3IAlSJFpksGip1Hx-CP4vQzGXZYZVX5x6daPJ5yJu2RUMbl9e7RAPmttsMPvBa1jXam449ckyXEshAEO9WCHOv5aKShTl5P3v80A99N0w5iP-GQ40wuYRjq26hQGWH9_tD8n2rZaRVv23HBTopfY3tuiA0cMEpLtxChV1Po3aGgUKmlXkec_6LETdHTuxkZc2bwiIYnNv5uDmYYY8h61NwyDtRHPUoGV4YdzIilkU5QgQxNNrkKx8m8YtwT8Yy1MRmGQuxRApRFctawxEyLI4XIT5OM_FN90KgxH9uLtPTdrKUezIpYGzJT10a__cePCbeyujgSXtdlJgyg95a2csbA-7TDUMMEuUNou5DteLCHD6IQJ_U-U9a_Cc_uPuAZkR1QY5q2yLWEZjFelPgh2NZfjgDV9f5mhJka3DN7cH6YspbIYCuJNrWBasQpRTzSn9nVUcQHHPdf-gco7SPURqgiN1TzEZxyD8Lcs0ARUPnP9AIseyBnnsSw2cKJJMEHjswZJJwfXHKM5FC1sRhOcZ8z9xBR8B4FAAa_r3WuA5Ophj_tej8hKTyaqJ5CdzUn0lG2HMslHmr2thW7OHuw6FVLV_aBVveKsQazDhLuhcJ2hpYmTNVkBOfPRpk-Q3XjYklCV2CMAUBiNk2k9ukOXAsbU7_FLepgQBG5_Dsz3xp0EaLv2GmvhaldKwdwwQI8820BZ5GUDy5vIwAdm8Z4ZNfAv8st4YDm70mJzqCeP13wEIGsRXvUH9MgVZkfhE_J8BTRLatZmnQ_aBr2CX3ZX-_rsORyOzuvlkm9Erq_48-TTQDypcxTbNSbfuESwj_YnfBK1sj4LUVLfxb6H_ChLrWnskVlQTDt6LUGou4Wb1uTOjHIEU4A08I69CYMoWU_xDllM-ADp7iZUaqhgNvmb7hlUwvC4VcQ8hVCucNN3S7bwSkOYDlzR17TTzBNQGlzTuMe85qttKaKH35ourTktPc6cEV67Aij3YWOjudVimD7gzPpD-w0IeKzVPy52bsdkf-WIhaPK0yL_L90uMQqsuXefyRxjaof2AdE3euO6iR6OgjLjWx-GpPZuOsh9uw_gO0N4GVc7pdnVu5xaI9gh7BExKQlGAtXD-Yg9AbL8fmIVl1M3Hd4yR-FcDkHyBmD7OlPxpdLTnMzNWYwDT9Zu6frRB8s_QzMzehJlaw_JYq7jVTT-8FUjTcjLo9fdUpQN6UCe24uUpIlBivhdtEdUhOHFoLUVq-fzXyieBBaY7Qve8cn2OHyzVl8hHHm7fIrz_vK-0ncIwhjdxsFFYJscLqcRE047KC26Oc2FLERlj4L7lu9XK7J1FRkaL-zyUq5pUykFt85InUYl3t9-ZKxHwsec0wWgOIMroKCHmaKZe1Uhpt_KF-fHL9Oxdj0_hFoh8tQVZeJxg1h7NcsSkwlplUXhXpPrnHvm8n9SshQbzGe6rq_jn9jCz9-Fnci4h--hizZWnzYcgHpTRwHqo_RJ98YsV_Wjy96vlRsS7KogQUR0yZcHvC3DVm1uirVp3gnHOaoSixfY2fEXkyNT7YlNRLBbhpXMkukjofu_A6GgPBlW7jZMHh8n3eWCZlcifq85B1Bop2TSHi4URd9RFcBVm-8gdCCKzq7qNsC3weCSaLfVxrcwE3y6amPQlGq3_nDmM_m3AakEyYF2VQpI_l_gb2UIIHj0s4Iie7_iwP525sPlt64YLt4Xo5Zix6PafqcQoPvkXg4jSwIWPLBy2tVNPOaRh4AhNuajSwJWIk2t5LzGYJsmzPfMLoxsH6HPFyQdsIhWbIpGO_Co9bPN-qjlRCb4etxNuPNYssmu1XZKbA4OaKVvwZmsGwidM-YSQ-ttMWMvQkRpzjEXr0VEvHDCuPYi9horcatYG_NeO5VQKfD4xLMFnekB85pMbsWoT5Acxg-6wQMwaNpdelbNKMdOg2jn_IDBfhPT-TMf6GWhNP1ME2AS4oTIEQr6QdiJdxtwk9a8Y8wnHQcHt8iVuPI7PBRoXb9VytmIcp-SPWki3EJhUybAUSZjlBLkoEBcu6lwbugizEsmhXO7okkGH5-yH6jB8LdPtcC87qGJBBI_0et9QbsjY8P01OpPAPaOAEC7XHAnTDCWj3RSub15m4KvViKzti3bYWAYSz78Y-Jvjub5p01MxLzFo1qMhDxNfyyFCBI0TgCsUgdlBD-b9IJt2xyHZ-DZRCI2LwSOvDF13-or3qPDpHRL7NP7XJ45BfF6DhuXiQUCeVHehzQ50f2JCosGLcBlpYWhvSlprGuu69hz2YdL-KwpY_nEcDlOrWg49k7aXkD_8Njt2u8riZy3-j8mk0OqqOkFwJ7j6AuKvtSr_6eXS7uZtVRT9DexfZnkWiuqtHv9MW8KjADiuMOAN6910t6WQ1botvXTSEZ-Y3EZnolqL6gOrzgZUn_Si8t3f6lYRgGHWLv4siLFQHRaK583456aSbPckWsoz2uEFkK9y2OVEkR4td2A9KnOPWecdCfWJJEeNC_zjlU3lZoOtLCojQ_R7fIvqX_YmF0_J-__7LA9h_ZLL7s3vXmavEl7jZjgug8YhW7c8oxI3hotup1wGxMOxJT832xR4ldJw8zC-7-9XyGn3t8Fc28KsScp8XOPXs2EChYs1d3vEwH-35NbtBUzO48CsJzNaF55hqRlF6BtaSSs4IHIy-UAEcAParR7payctZYEVIkrxpB2gQ7mNKxayW1Cmaw-W4w3bRCmpw6qIfB5sYRMC8FzbwBOk-7uR0AbrUNdNhmgj4mbDaZDuXbSBTp0b9-StIC-VB6Uy73Cn9inxEzWE2V9eCmEkAAWw7E40KaztWNDEb-eMD9uzIzMdU-UQXBsmYaDAc-ZSJlTI8sPQk9rfRSQZePWr6EHkgGSOyaEY-bA0DVrYS0GI3OFn_63ql9SYn9S9nUXBjbC-cT9P3KIvf6mMVH1ta0tIItVWWXCjuZ2R4uZ_21dJ6Xg5KIfKwc2x-OlokIN3RCu1rNxBoemPia25JYgUjTmukywbYAuGYQ7gwvRzHAi0-z42tnjFRPhR-T2bd3pS1KJ5XOsLoFRaVBCWtaU-4GrFBAzzL5mh0zeLuSV_2n4urgCljrZryBoW4yixGBYQ1DBd9SyWH1w1VNZXulQxAya0_VTroHF1igL3ujm6hg&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 12 Aug 2022 00:47:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ca
choices.truste.com/ Frame D14A 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=27797159&js=st0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DXNEG2Q3F0_r9ul4DSyVLDQL25pgpAmEYWqzI-Ae91M23glg8QjR5imrd5KF_Kr_17OQOOSm5fCHokgAxWdxf5HfJhVNyJGovE4SerQsQbK73BO1HKZsyqiOXCyj9w9E8dv2a-XG0oQaW-JlKDpZc2rffQ&dbm_d=AKAmf-B43NNrJAjVY2n_L279loi8Z3k-ZRvSzttOWb7LpHXsZuJ023dbPRoft3fKVpfJPd--AsTOvILxE3FGhef-81bUWQn_2uVMSRfyqjuRje-o4cWNEtDt1gPdVxsppBrC5xmUica_vdJecXMMJRJuqViwPSJyiWRAliArb2vk8teYdgktYXmisQFR7OenlMEcsZy0SM5FFrjM__iIwkIDcNX8LSwkNUK2HgP_kBaVocYlR4qKHj62uHBhBFWBA-F3Stmm5W8NtkII1o_1n5E0deIsi_ueyaq3h8V_farHfKmNnxs7dcO897yheoYifsclBWkH-MB3R83FpfnmpsTdPMXVXLuuAv19g--9qEsnssrTe6V2IFDRWLgjorXeuKnQr5aHCUMFTUdHueCTwL7x_sXGmAUc3IAlSJFpksGip1Hx-CP4vQzGXZYZVX5x6daPJ5yJu2RUMbl9e7RAPmttsMPvBa1jXam449ckyXEshAEO9WCHOv5aKShTl5P3v80A99N0w5iP-GQ40wuYRjq26hQGWH9_tD8n2rZaRVv23HBTopfY3tuiA0cMEpLtxChV1Po3aGgUKmlXkec_6LETdHTuxkZc2bwiIYnNv5uDmYYY8h61NwyDtRHPUoGV4YdzIilkU5QgQxNNrkKx8m8YtwT8Yy1MRmGQuxRApRFctawxEyLI4XIT5OM_FN90KgxH9uLtPTdrKUezIpYGzJT10a__cePCbeyujgSXtdlJgyg95a2csbA-7TDUMMEuUNou5DteLCHD6IQJ_U-U9a_Cc_uPuAZkR1QY5q2yLWEZjFelPgh2NZfjgDV9f5mhJka3DN7cH6YspbIYCuJNrWBasQpRTzSn9nVUcQHHPdf-gco7SPURqgiN1TzEZxyD8Lcs0ARUPnP9AIseyBnnsSw2cKJJMEHjswZJJwfXHKM5FC1sRhOcZ8z9xBR8B4FAAa_r3WuA5Ophj_tej8hKTyaqJ5CdzUn0lG2HMslHmr2thW7OHuw6FVLV_aBVveKsQazDhLuhcJ2hpYmTNVkBOfPRpk-Q3XjYklCV2CMAUBiNk2k9ukOXAsbU7_FLepgQBG5_Dsz3xp0EaLv2GmvhaldKwdwwQI8820BZ5GUDy5vIwAdm8Z4ZNfAv8st4YDm70mJzqCeP13wEIGsRXvUH9MgVZkfhE_J8BTRLatZmnQ_aBr2CX3ZX-_rsORyOzuvlkm9Erq_48-TTQDypcxTbNSbfuESwj_YnfBK1sj4LUVLfxb6H_ChLrWnskVlQTDt6LUGou4Wb1uTOjHIEU4A08I69CYMoWU_xDllM-ADp7iZUaqhgNvmb7hlUwvC4VcQ8hVCucNN3S7bwSkOYDlzR17TTzBNQGlzTuMe85qttKaKH35ourTktPc6cEV67Aij3YWOjudVimD7gzPpD-w0IeKzVPy52bsdkf-WIhaPK0yL_L90uMQqsuXefyRxjaof2AdE3euO6iR6OgjLjWx-GpPZuOsh9uw_gO0N4GVc7pdnVu5xaI9gh7BExKQlGAtXD-Yg9AbL8fmIVl1M3Hd4yR-FcDkHyBmD7OlPxpdLTnMzNWYwDT9Zu6frRB8s_QzMzehJlaw_JYq7jVTT-8FUjTcjLo9fdUpQN6UCe24uUpIlBivhdtEdUhOHFoLUVq-fzXyieBBaY7Qve8cn2OHyzVl8hHHm7fIrz_vK-0ncIwhjdxsFFYJscLqcRE047KC26Oc2FLERlj4L7lu9XK7J1FRkaL-zyUq5pUykFt85InUYl3t9-ZKxHwsec0wWgOIMroKCHmaKZe1Uhpt_KF-fHL9Oxdj0_hFoh8tQVZeJxg1h7NcsSkwlplUXhXpPrnHvm8n9SshQbzGe6rq_jn9jCz9-Fnci4h--hizZWnzYcgHpTRwHqo_RJ98YsV_Wjy96vlRsS7KogQUR0yZcHvC3DVm1uirVp3gnHOaoSixfY2fEXkyNT7YlNRLBbhpXMkukjofu_A6GgPBlW7jZMHh8n3eWCZlcifq85B1Bop2TSHi4URd9RFcBVm-8gdCCKzq7qNsC3weCSaLfVxrcwE3y6amPQlGq3_nDmM_m3AakEyYF2VQpI_l_gb2UIIHj0s4Iie7_iwP525sPlt64YLt4Xo5Zix6PafqcQoPvkXg4jSwIWPLBy2tVNPOaRh4AhNuajSwJWIk2t5LzGYJsmzPfMLoxsH6HPFyQdsIhWbIpGO_Co9bPN-qjlRCb4etxNuPNYssmu1XZKbA4OaKVvwZmsGwidM-YSQ-ttMWMvQkRpzjEXr0VEvHDCuPYi9horcatYG_NeO5VQKfD4xLMFnekB85pMbsWoT5Acxg-6wQMwaNpdelbNKMdOg2jn_IDBfhPT-TMf6GWhNP1ME2AS4oTIEQr6QdiJdxtwk9a8Y8wnHQcHt8iVuPI7PBRoXb9VytmIcp-SPWki3EJhUybAUSZjlBLkoEBcu6lwbugizEsmhXO7okkGH5-yH6jB8LdPtcC87qGJBBI_0et9QbsjY8P01OpPAPaOAEC7XHAnTDCWj3RSub15m4KvViKzti3bYWAYSz78Y-Jvjub5p01MxLzFo1qMhDxNfyyFCBI0TgCsUgdlBD-b9IJt2xyHZ-DZRCI2LwSOvDF13-or3qPDpHRL7NP7XJ45BfF6DhuXiQUCeVHehzQ50f2JCosGLcBlpYWhvSlprGuu69hz2YdL-KwpY_nEcDlOrWg49k7aXkD_8Njt2u8riZy3-j8mk0OqqOkFwJ7j6AuKvtSr_6eXS7uZtVRT9DexfZnkWiuqtHv9MW8KjADiuMOAN6910t6WQ1botvXTSEZ-Y3EZnolqL6gOrzgZUn_Si8t3f6lYRgGHWLv4siLFQHRaK583456aSbPckWsoz2uEFkK9y2OVEkR4td2A9KnOPWecdCfWJJEeNC_zjlU3lZoOtLCojQ_R7fIvqX_YmF0_J-__7LA9h_ZLL7s3vXmavEl7jZjgug8YhW7c8oxI3hotup1wGxMOxJT832xR4ldJw8zC-7-9XyGn3t8Fc28KsScp8XOPXs2EChYs1d3vEwH-35NbtBUzO48CsJzNaF55hqRlF6BtaSSs4IHIy-UAEcAParR7payctZYEVIkrxpB2gQ7mNKxayW1Cmaw-W4w3bRCmpw6qIfB5sYRMC8FzbwBOk-7uR0AbrUNdNhmgj4mbDaZDuXbSBTp0b9-StIC-VB6Uy73Cn9inxEzWE2V9eCmEkAAWw7E40KaztWNDEb-eMD9uzIzMdU-UQXBsmYaDAc-ZSJlTI8sPQk9rfRSQZePWr6EHkgGSOyaEY-bA0DVrYS0GI3OFn_63ql9SYn9S9nUXBjbC-cT9P3KIvf6mMVH1ta0tIItVWWXCjuZ2R4uZ_21dJ6Xg5KIfKwc2x-OlokIN3RCu1rNxBoemPia25JYgUjTmukywbYAuGYQ7gwvRzHAi0-z42tnjFRPhR-T2bd3pS1KJ5XOsLoFRaVBCWtaU-4GrFBAzzL5mh0zeLuSV_2n4urgCljrZryBoW4yixGBYQ1DBd9SyWH1w1VNZXulQxAya0_VTroHF1igL3ujm6hg&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-97.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
45b768273b3c795be7781f07da7628e3b1edaf629833faa6eb30abf61a7d9416
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46696
cross-origin-embedder-policy
unsafe-none
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
content-length
8033
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
074ihlk22zFaIdZVliy_RwMxngUrWyj4meBUgDhht6W_Mdy6DTPfMg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D14A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DXNEG2Q3F0_r9ul4DSyVLDQL25pgpAmEYWqzI-Ae91M23glg8QjR5imrd5KF_Kr_17OQOOSm5fCHokgAxWdxf5HfJhVNyJGovE4SerQsQbK73BO1HKZsyqiOXCyj9w9E8dv2a-XG0oQaW-JlKDpZc2rffQ&dbm_d=AKAmf-B43NNrJAjVY2n_L279loi8Z3k-ZRvSzttOWb7LpHXsZuJ023dbPRoft3fKVpfJPd--AsTOvILxE3FGhef-81bUWQn_2uVMSRfyqjuRje-o4cWNEtDt1gPdVxsppBrC5xmUica_vdJecXMMJRJuqViwPSJyiWRAliArb2vk8teYdgktYXmisQFR7OenlMEcsZy0SM5FFrjM__iIwkIDcNX8LSwkNUK2HgP_kBaVocYlR4qKHj62uHBhBFWBA-F3Stmm5W8NtkII1o_1n5E0deIsi_ueyaq3h8V_farHfKmNnxs7dcO897yheoYifsclBWkH-MB3R83FpfnmpsTdPMXVXLuuAv19g--9qEsnssrTe6V2IFDRWLgjorXeuKnQr5aHCUMFTUdHueCTwL7x_sXGmAUc3IAlSJFpksGip1Hx-CP4vQzGXZYZVX5x6daPJ5yJu2RUMbl9e7RAPmttsMPvBa1jXam449ckyXEshAEO9WCHOv5aKShTl5P3v80A99N0w5iP-GQ40wuYRjq26hQGWH9_tD8n2rZaRVv23HBTopfY3tuiA0cMEpLtxChV1Po3aGgUKmlXkec_6LETdHTuxkZc2bwiIYnNv5uDmYYY8h61NwyDtRHPUoGV4YdzIilkU5QgQxNNrkKx8m8YtwT8Yy1MRmGQuxRApRFctawxEyLI4XIT5OM_FN90KgxH9uLtPTdrKUezIpYGzJT10a__cePCbeyujgSXtdlJgyg95a2csbA-7TDUMMEuUNou5DteLCHD6IQJ_U-U9a_Cc_uPuAZkR1QY5q2yLWEZjFelPgh2NZfjgDV9f5mhJka3DN7cH6YspbIYCuJNrWBasQpRTzSn9nVUcQHHPdf-gco7SPURqgiN1TzEZxyD8Lcs0ARUPnP9AIseyBnnsSw2cKJJMEHjswZJJwfXHKM5FC1sRhOcZ8z9xBR8B4FAAa_r3WuA5Ophj_tej8hKTyaqJ5CdzUn0lG2HMslHmr2thW7OHuw6FVLV_aBVveKsQazDhLuhcJ2hpYmTNVkBOfPRpk-Q3XjYklCV2CMAUBiNk2k9ukOXAsbU7_FLepgQBG5_Dsz3xp0EaLv2GmvhaldKwdwwQI8820BZ5GUDy5vIwAdm8Z4ZNfAv8st4YDm70mJzqCeP13wEIGsRXvUH9MgVZkfhE_J8BTRLatZmnQ_aBr2CX3ZX-_rsORyOzuvlkm9Erq_48-TTQDypcxTbNSbfuESwj_YnfBK1sj4LUVLfxb6H_ChLrWnskVlQTDt6LUGou4Wb1uTOjHIEU4A08I69CYMoWU_xDllM-ADp7iZUaqhgNvmb7hlUwvC4VcQ8hVCucNN3S7bwSkOYDlzR17TTzBNQGlzTuMe85qttKaKH35ourTktPc6cEV67Aij3YWOjudVimD7gzPpD-w0IeKzVPy52bsdkf-WIhaPK0yL_L90uMQqsuXefyRxjaof2AdE3euO6iR6OgjLjWx-GpPZuOsh9uw_gO0N4GVc7pdnVu5xaI9gh7BExKQlGAtXD-Yg9AbL8fmIVl1M3Hd4yR-FcDkHyBmD7OlPxpdLTnMzNWYwDT9Zu6frRB8s_QzMzehJlaw_JYq7jVTT-8FUjTcjLo9fdUpQN6UCe24uUpIlBivhdtEdUhOHFoLUVq-fzXyieBBaY7Qve8cn2OHyzVl8hHHm7fIrz_vK-0ncIwhjdxsFFYJscLqcRE047KC26Oc2FLERlj4L7lu9XK7J1FRkaL-zyUq5pUykFt85InUYl3t9-ZKxHwsec0wWgOIMroKCHmaKZe1Uhpt_KF-fHL9Oxdj0_hFoh8tQVZeJxg1h7NcsSkwlplUXhXpPrnHvm8n9SshQbzGe6rq_jn9jCz9-Fnci4h--hizZWnzYcgHpTRwHqo_RJ98YsV_Wjy96vlRsS7KogQUR0yZcHvC3DVm1uirVp3gnHOaoSixfY2fEXkyNT7YlNRLBbhpXMkukjofu_A6GgPBlW7jZMHh8n3eWCZlcifq85B1Bop2TSHi4URd9RFcBVm-8gdCCKzq7qNsC3weCSaLfVxrcwE3y6amPQlGq3_nDmM_m3AakEyYF2VQpI_l_gb2UIIHj0s4Iie7_iwP525sPlt64YLt4Xo5Zix6PafqcQoPvkXg4jSwIWPLBy2tVNPOaRh4AhNuajSwJWIk2t5LzGYJsmzPfMLoxsH6HPFyQdsIhWbIpGO_Co9bPN-qjlRCb4etxNuPNYssmu1XZKbA4OaKVvwZmsGwidM-YSQ-ttMWMvQkRpzjEXr0VEvHDCuPYi9horcatYG_NeO5VQKfD4xLMFnekB85pMbsWoT5Acxg-6wQMwaNpdelbNKMdOg2jn_IDBfhPT-TMf6GWhNP1ME2AS4oTIEQr6QdiJdxtwk9a8Y8wnHQcHt8iVuPI7PBRoXb9VytmIcp-SPWki3EJhUybAUSZjlBLkoEBcu6lwbugizEsmhXO7okkGH5-yH6jB8LdPtcC87qGJBBI_0et9QbsjY8P01OpPAPaOAEC7XHAnTDCWj3RSub15m4KvViKzti3bYWAYSz78Y-Jvjub5p01MxLzFo1qMhDxNfyyFCBI0TgCsUgdlBD-b9IJt2xyHZ-DZRCI2LwSOvDF13-or3qPDpHRL7NP7XJ45BfF6DhuXiQUCeVHehzQ50f2JCosGLcBlpYWhvSlprGuu69hz2YdL-KwpY_nEcDlOrWg49k7aXkD_8Njt2u8riZy3-j8mk0OqqOkFwJ7j6AuKvtSr_6eXS7uZtVRT9DexfZnkWiuqtHv9MW8KjADiuMOAN6910t6WQ1botvXTSEZ-Y3EZnolqL6gOrzgZUn_Si8t3f6lYRgGHWLv4siLFQHRaK583456aSbPckWsoz2uEFkK9y2OVEkR4td2A9KnOPWecdCfWJJEeNC_zjlU3lZoOtLCojQ_R7fIvqX_YmF0_J-__7LA9h_ZLL7s3vXmavEl7jZjgug8YhW7c8oxI3hotup1wGxMOxJT832xR4ldJw8zC-7-9XyGn3t8Fc28KsScp8XOPXs2EChYs1d3vEwH-35NbtBUzO48CsJzNaF55hqRlF6BtaSSs4IHIy-UAEcAParR7payctZYEVIkrxpB2gQ7mNKxayW1Cmaw-W4w3bRCmpw6qIfB5sYRMC8FzbwBOk-7uR0AbrUNdNhmgj4mbDaZDuXbSBTp0b9-StIC-VB6Uy73Cn9inxEzWE2V9eCmEkAAWw7E40KaztWNDEb-eMD9uzIzMdU-UQXBsmYaDAc-ZSJlTI8sPQk9rfRSQZePWr6EHkgGSOyaEY-bA0DVrYS0GI3OFn_63ql9SYn9S9nUXBjbC-cT9P3KIvf6mMVH1ta0tIItVWWXCjuZ2R4uZ_21dJ6Xg5KIfKwc2x-OlokIN3RCu1rNxBoemPia25JYgUjTmukywbYAuGYQ7gwvRzHAi0-z42tnjFRPhR-T2bd3pS1KJ5XOsLoFRaVBCWtaU-4GrFBAzzL5mh0zeLuSV_2n4urgCljrZryBoW4yixGBYQ1DBd9SyWH1w1VNZXulQxAya0_VTroHF1igL3ujm6hg&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 07:23:38 GMT
dcm
beacon.sojern.com/imp/ Frame D14A 		42 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=ABAjH0iOh81FQubBMAA3zjlQEOnS&io=28431545&li=17202185214&cr=424217300&io=28431545&seg=&src=https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&ord=%c
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame A8D4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YvWjGQAFwv6fIQBC
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvWjGQAFwv6fIQBC&_test=YvWjGQAFwv6fIQBC
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvWjGQAFwv6fIQBC&_test=YvWjGQAFwv6fIQBC
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660265241.300592,VS0,VE0
x-served-by
cache-mia11365-MIA
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvWjGQAFwv6fIQBC&_test=YvWjGQAFwv6fIQBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
c7e78722-e2a5-e69c-dc5e-9fe979d1ae16
pr-bh.ybp.yahoo.com/sync/openx/ Frame A8D4 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/c7e78722-e2a5-e69c-dc5e-9fe979d1ae16?gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:6caa:c6ef:9a61:2678 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame A8D4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=5320e166-7209-74d5-ed89-891c8686635f&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=5320e166-7209-74d5-ed89-891c8686635f&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&ttd_puid=5320e166-7209-74d5-ed89-891c8686635f&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&ttd_puid=5320e166-7209-74d5-ed89-891c8686635f&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&ttd_puid=5320e166-7209-74d5-ed89-891c8686635f&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame A8D4 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2Y0ZjMyYWMtYmI3ZS0yYTcxLWY4NjktZDNhNTRjNjRhZDNm
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A8D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECaSRNoPo01wRvmxe5wHNGg&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECaSRNoPo01wRvmxe5wHNGg&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECaSRNoPo01wRvmxe5wHNGg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B7B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Sat, 12 Aug 2023 00:47:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B7C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Sat, 12 Aug 2023 00:47:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5598 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Sat, 12 Aug 2023 00:47:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rid
match.adsrvr.org/track/ 		109 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/5589/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
641ffdad946e12b70cf1dce2ee83b83096ff76a5d2553067fc75ffc42ee8dea2

Request headers

Referer
https://vov.vn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://vov.vn
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 11 Sep 2022 00:47:21 GMT
call
adnetwork.adasiaholdings.com/2060/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adnetwork.adasiaholdings.com/2060/call?cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.48 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://vov.vn
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://vov.vn
date
Fri, 12 Aug 2022 00:47:20 GMT
vary
Origin
adview
securepubads.g.doubleclick.net/pagead/ Frame 3B7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4S3SGKP1YprmIuyXj-8P8eaDYP7T969czs-92OoCwI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItOTA1ODI5MTg1NDQ0Mzg4MaAB6ozBtgPIAQngAgCoAwGqBI0DT9DssWGqUFO89ixK5OOzbkWrg0f89wFvQLa_O3yKPT9n3c_FixeQZ3ifniNhA43QryEuBTVR_cOdvr79ecsJZLz6vFF0OlE_m3D3ktmGm7AcybU-sqXsgaMmGK4Zxx5Yw8n0taZIjc5iuVsPjoLRKJ8McHBfhIV5OO0YrzATvSWPLhb1uDMIxHEX93F4cxkkeuTtleJDVPHXFbf4n9rce3ZfX9abjKvSLZipucbFPxDDBWdy4e4FsqxMIpTdEhdkFNuJf1auxn2lpDF16eCwTsAQSUvDH4hfVcIaa44fUK5aVZhWqv1KVinrKwzWiF_Io4P0LkgOOL58_5dDby-uK4bI_X2gVO-vakIIK1WDExpyRdmlqqBtUWGKq8RA38gcB8zl0sqlKaHymnv2fBt-smXjMaKdO5xrYth18XG6cQp9Kpn3-ylbQBi8s5hmVWEkkbG1xJ35Zc_k-ehd_aUwCk0jlFcn8kkE3LFraEO31q01ZCYimo0Aq4ZN8CtfH2G1glunno5qtO8AhRR1FOAEAYAG3urF5-qPgOvYAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA4IiGEQATIDioIBOgKAQPIIG2FkeC1zdWJzeW4tMjUyNjkwMzQzMzMzMjQwOIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=BJJentZ0a0M&uach_m=[UACH]&cid=CAQSPwCsnQUxmKYLox-nNIyroMnOoEgllzYHRmdaUxp1eyH_5-rxTe2AEHoJNtLBAXFgF77J8LX6YgO0H-enVEyYABgB&tpd=AGWhJmvBMDno29CeNAL1KwwU7HHoNJ_BI9OKnEroaGPeb4ydEn6JffOGHR-2Wa5OsPKg3EHvO8wSa6S-dhjVvLV6ED4PBAvgCQtyS6hQlzLtDm4UW9HBNIElpyml89oY6Tmv9EFRWUiqkeOVtl9N_JPy14DRLKki-qesrNwuDCOechdJBWPGActMHM3V9CIasr4Q2mtDN8efGPUtinbM76PMJo4DuAE6yIPgjuq04Is2HtTIx3LU9Yna4Imgbyj-dYx4RlGQ6SjIILE3e4V3exm9C4VUV-KbbeYBGj0npSCf4k8EmL5XWy9CO27yD_fFsm1d-8vr-XlBl4mI3ox8mfvy_COrxZjpG9EgRJOMxe-ks2vioLGAOwCVoyNhpHn9SvohgT5wlEgKboTldvuslG85NfjXYdSnb0uwNKvn_F7KyEf71A9KRCzHpOyMRB1vfAui4xgv5omkGuh0tfGWpDrOvsVaUvEo8KywztdbDTWHJU7iBuMT8VhSdhUs_75aRpmTdWEmEh89Ogu0ttA-2LK2_WYrr0vy-nPgCG_DlOi79Rkw3q6a_7dFxpUx27BJb3KNrgdlEzwSEmGiS5PYgwR2Z_gJvTES4-GCaOGQUH2IxMQPhjTvXz1hRLK3M0gLd7bPSwqyecBfiaQp3k2S0KJpipeQKC2dLENy0LYxdnqiqe-BbGsViQPU97Vb_aHFhPVEV8KjlgVI-4Bn2qqnQ-fLaCh6k9eA-3byMY95bZS4fbWgsaq2kNW1UliW2dGZncQGExHaRcIAjYJnvj88P5T1xOADPgSk_MhIrjDpOcSifT3Ve2ecmkxaYIQrpEbZPNFOn5gae9osXeZqkvj7RnqHp8ss2sT8aaFxFUcJCQ3JxWrQnv8LEQ1r32TctCNpnLLBF4QJyRNW_uK7FoTPCq3GKlJWuYNXr6JjcSrDK-RpF68T7Gji0BdeTb2EG5y3rdCC5VuaZC-U6E74JqbajzzTYe6S1wNQfj08I0uEUC3g2nCok-j_UJ6g6Cq7lHAu2yFoknIOXruUTBsciq9o7z4s-lnuZEWWz91NfkMPE7ZatrqO6960poc_kkMAxx7LkkWobXLfTQI9S--1m5Bf0s4lWMl71q7eXV2gb2uOE7ajRaD-q1JVWfekRbayGNHuLxndNIvn5HNGCtyZzv1IgBhgM_LQzwptDs-c1ncKB83tQcwyGyMjPFAtd5UiwDk-ZrCx7BJVXi_lH8DP2c-EA4ZiIus_fwuRWdHvULW3wD9CFGiabhsmBB1tA5BmsZSgrSPeSVSBseCmNsbtsXVdz91tNYqkflmP76v8a9rmOLrTw4C_-5py9NbQOuQA8eeb9PXB1gw9cuEBfI_RDzih4Pgz9kFIAqTtMJUXMSfbTVR0BQdPwdfybhqWGq7K1Fi6ndSaqFMr0ptuj8Zdarts-i2GKKin6SlyEzuvdIw0K_fgT1OHe96LXQb8FdL6g_oeNg5OY88RNE1F5yHgPg3lEeZJng7IpNAFxtrHAu0bYvfTwhv8tYICqZnmhWS3Xbq1VxH0xbLc0zFWN1GnUWuMXGwcgeDT2PXDBgmJ1Gg8SWrMM5ciHI-wTTT0bJ5WoQGpjojj4ZizPbXK3ho_H45ThyTc0LpjB5up2EPq1nSm1EY7a4L-1rln_PtIlXOpdBFJkms8OCO9reZk0uQuXzi5rW1ZZ7uVDkp6p7T3afTLLrE2cQ69zBlzXEQ2-j6rfp5l0CUC8hug4JT3R-glPcyEta8FAPW8tvQY8XUSY_T3z3icyFftCP9LVb5A6PQ9x4EHnRJXbNkrYIt6jT0D02THsIIG98yjJ0xygZ2u7klupkngWqC5h9xdZaELFrx0vZl0x5ouln_YxAcDNIoeQwS1Iuj62P-fi8WyUR4sP8IMSCX4Cvix9I4j49rNPvB7_jYwLSeXYNi7nTwtF-_JkS3nsOaQq5eqPtKxe2AE4M10wPPtLe7YW1w0D1qSCtYoh-A-bLTSsfy6YY-n5d8V90Z9ZJO_Ilv5c8sNMDKcpTL-PdN0_0NEXY0ZEM3W9zcxygmx3PVAoByT3rRA_quZzZZeoTL4VL-eea7VqasqNepBF1UNhtD9cEQ0WyvpbiHCP33a
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
afr.php
ads.us.criteo.com/delivery/r/ Frame C874 		119 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e1807f8f33c950be5256bbbb97e2cd9dda8cc0b1ab8adf74adc9466e69375d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=_2QNAxJ9tOZLVpLvrFC9PPUX7nNpV40KSTuGbouP8ch7QBnHv3tT8ZIFZF27H2etTwPPNg5EV-4ORWcuvdObma1u7umFcecE7WxigbjKLUzZzrzcBYBsQ5OPibOY3avSfwhCaosVYOybKbIFvH5Pyg9qdnitFlfwh6gHvkVabl-ZwtbzUQoirg2Dohk7n74EoLLstdGblGe3crPiYalrf4Fq93oUXuGonVVPkTr3_cjk598_9v_dRNBRFlLBUP9sXMptFA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
68076392
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4C1D 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 00:47:21 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 3B7B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:29:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B7B 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 00:47:21 GMT
register
token.rubiconproject.com/ Frame 3B7B 		0
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=L6PR22KS-S-9986
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 3B7B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
718
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:35:23 GMT
l
www.google.com/ads/measurement/ Frame 3B7B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXxxJsD8rL51LgpdevXdJVPq2r8sYGTclsmdg-GnOo1wPkPaAXTfZUKcYtPaLzS-FMO9_rYJO9Qex4NmZCy2ph7SJOIw
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3B7B 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Sat, 06 Aug 2022 07:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 06 Aug 2023 07:24:19 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A2E7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
150947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:51:34 GMT
expires
Thu, 10 Aug 2023 06:51:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 1B7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtHbQGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoElwNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyb1rc4X7XHKoWyyz2OJ3TG9Gd07IfFBJN-9TYRYgkEaiL4Z3kz-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTkwNTgyOTE4NTQ0NDM4ODEYttdp&sigh=X4NyBbOBf9U&uach_m=[UACH]&cid=CAQSPwCsnQUxmKYLox-nNIyroMnOoEgllzYHRmdaUxp1eyH_5-rxTe2AEHoJNtLBAXFgF77J8LX6YgO0H-enVEyYABgB
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame 1B7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k7CZFKD_WNACmALiIp0XAgAAAMcVgatAd1V-i8fZagk5jtsQF6P1YhcNCugPlu0bjfs2ABIAAA&wp=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:20 GMT
server
Kestrel
server-processing-duration-in-ticks
354816
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame E186 		122 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
02e7f29c695147a6fcc6d20350674e4256ad448a80a5864668f52428e47579df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=rVZg1BJ9tOZLVpLvh6m7ufTW4vW9rJWx-Ge8YXZ1pLF3LgMrbkY8sof12q8lN1wZZXcljOFPWH7_qVOIz1ztx4zoT4Hhs7sf_QkX6pcaahNFAWwPRFmKwawvs569P7RQWJqaaQyRRRXiM6D95s1EImsFiZChE59hfXv1iuhNG_j5MOfQJlfL4VKAlD3APol1EmK282sIn9cwGPP8oABzKianVXpDxs1uKA_uvHHip0nP1AY3I-8n_XdPuCKB0ZbAnrI1mA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
59166142
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 1B7C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:29:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B7C 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 00:47:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 1B7C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
718
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:35:23 GMT
l
www.google.com/ads/measurement/ Frame 1B7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3Y4mVA4P8ocTgmPzncGrI0XAGG8u0rPH-do3Dtoa1aCiqrPugDUQQAejxV6uqrD5U0X9AqlotzERKyGEBQPCYpdqpeQ
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1B7C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Sat, 06 Aug 2022 07:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 06 Aug 2023 07:24:19 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A1C0 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCEm14Y_8G9zgEwAQ&v=APEucNWZBRvtf7eDkzbB1DHWPh3Lkm5KP0XCH9iJ2nG0aaIjFRX0xkrzBZuFoD7jxv5OGyrOpnh9ujaNNJKhP_ColHGiLgGrpw
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:21 GMT
expires
Fri, 12 Aug 2022 00:47:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5598 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhT6yWFpH8Jf3MC-7AEIUNchVT2OGTWNHDIcyJt9U07Uyk4SRN3xBfJPISSH9W0K7-vOxtQrv5UMyQ6zyzZbXw4vfDQ8nU_T5rZ2YtO534-5jU7Nbpzi55TVg9y23j50jpILOOAcTZXdet-62UulffwEY6TA&dbm_d=AKAmf-Di0msKoR32-o-eZom5F3Zsq-1skFKOOrwVm0KhmHU0pWUYZCgCxiARpdJ9kGIvGa29iTQiHVSCClM1jSFwoMfvfLIynqiuoi9LI1AydEAIdezP_awj-aKdyC8lmZ3DltlxIiaUEj4QHrmNSUxDnO3eWLDhmrcEZCLG8zMtEr4viO4bDjGOiGTbMBuCmkg3l97tnFU8fYHTN5caDr57QTQ-JlKDjktRXKASV8pm1DyqQKcAJTp01EEzcnh1glb68SGP8Xu5bp-Y4o-C2hA79RRI8pddoKqhOwrqIw9O5hmqNINStyXuhlYeAqpwE2-RWtBclxZn5fq7IMBFDpwvvCa7RS5ScPis0ZbVswhbsr863qWMSLDTuPUuVsHS7MBUVzWjp9bdUH2AzPNES3xJMAFa4oOBAINeekgMUNzDyEMr0vWfwkZLdW68sj7Wmgk6SEjrEJuXEwXkXwCjkUK3HjE1dZxXly22t5Ob0umC8Xpn0ZuSoC3zGVAmPxmz_Rrd1nR8wXhQBzsc7rtN9bnFGzAhYor10k-6ivq93kmd1PwE84qNBOPm_9bOnRGfRz9DcmUbxkcwyggZ6-ulTqpkfbPEkairO55kbhEZdbJc9LuyrpCu0M1OSEuVWuftLK2qwFJbrlMFj9RPL8--rAxL9Wx4ePEOK0sts4KKr1gdkRNJL1xKcBay1BHCsWg1bVGNNaIJ33plwdsjaV3L-5tylbg2QLMWnmnYnnrOCz16b78v_jSxCZIIS1MIVjcR3nxaObUlUj-YOJB6YRSDQSGHYYCwUC-jFq65orOmxhzn1FElt848O4TgtJQ4AK6LZDoekDUKzMlQ0wXOTVIiSsvhBXOY7FakBz7S_CYcMC_FLiaig33qJRc6VxPMk0XnXseHdQnwVE2U26uH6ko0Iwco0rrpMZFZSkosJmwHJcX2ougtXXNlobQBeg0LXSvSobdt6oLpbDiNJV9HoBX3Szi6XPoVlFkMu2PQysL3MwlQNte-Gy4aiBnQuBPz_NheSTjXkduVHIf-KE3q1Md7sM4UBk5LN0jVJGCG_8z7fDgsbZL9UL2dWErHFeKHfBzveTtu3DWmvbiXnC8BsiSHogeWHmleZoiQmgoVaNG6gepSN5B2AP9EWWaiIHj-xf0subdKN0XR57WUNZ8u0uop6XStDLPCOEq-Rq_Lx98Dj5Dy9oyIz7lmu3Ryr6nsK19ddUy9EROmc6zYrbloR7TIUWk3xG-rCYvO3PnN-tA5VyqCORjNZ1kdTeBOiomT9MlTrHQtFpcxA_HEu4cpcoSSEFqww_VQJThXtfesqUWnSM8eTunRt9Z3qhL5jBMEUvbHY24oJ4bW5-BDGhX7VK56wc1nTj265euBE8WZRu19lse86ySFVYU_wjkYOPrHHqU9L4q3ThjQuL2qPtCgK2cmnKLVTdXQVHPln1JxD9FRnYtprCnumxD-oP11xHQVAq2bGF733ueq9SRMMTZXQqQ4F1YHyXDpLXRm_UvtitF2e3Nvhdj5yxU9emlR-1l_TULnRdNQ_9M7wnLgUjjMrHMtWDC0D8JE0fIRcJ1IUs_lf3MC86Ms8tEqo3qZHBSMbkC3XGEkARJmjAgDKHUaVkf6uJ17ZSzJpJR2det2PZWvAdOYk7GfT8k5EmVG4UAEoBx1u4Q_gXvQNQ0M4Oy1PGhuu1yQ7KHgQcHpJTjqRxGvjI4PBtsDfZIj5-Qej-RdXmOR46AyB6OsyGb0IJVAeUBd4KNIWJCIKyOQnEKw9ilcDsn79q3I0ZIpdURKwLV-hBIaVYuLPG-VVrtCh1pPhEV97Ni_C-vKsPh6ylzAdKpVYkGhuD-CaPYEpcKlaH766YrFR1TbxCU3xNVJBBoqNsper2V-sqYa14UooEfYS9O6Y9XGAa3IzWQLQo6fh0MHXsrguHUqBU8xDo5oT3WaBfPUCwSkF4HtUD5M2H7INPYLPuAITuwzE8LA8SYiW0bkFpN8Nqe_OxrFXZV5_YzgCDNmj-mBfWEZVcFsrOsKJ_h5HX4K_Nh2ouAmYA7pAJfR_azyW8B3sDIjfMsrZiaFPLsI2-nOVkQjkC1_mjihn9rtr7cCcVUdXlfKhVfPzfICVF7AeMnuOW7pW5EjCEa9dBnQat_ZktZVCXpxP7D7j7JkkbmR4KgerMNhGNay1gb7MiGOo7Dn46rp2njwTRcLXl_MaApht8ofTmECb0a1n6J0wxHAlh_3wbvjCY9Ckix2WUTDvsUwF78Uogxw8h5f6pyuAZHmimWL6wilyNV-tpTQ9DXOdJNy8hsl9I3O2og0rx3lacioPlWb8AMUlefTxTGpIlGW2liobRjuiz2uqlFwjMrej4y4JDV5XfbvPNTo_nlDwuiBqdOFFCtbrDi45sFxb6EyKVyAU8IE6ero3KspGhwNcyqnyZX4u8u0csthv6AOTMqwZ7ljerh6uuOBAsC_YThCI5ZDE6QJ-Fbu0j1ZY9eMapgS9UCaCKtSZWIhz3tbV8s_XwzTKJp0e4nEQgc4ykvGX6mrUlnrlMazb7_7bj-Q2XPE53ovT6NSlsbuwhUYfnt7IfDWVFjLiW88qmdgZCB3uGN4dHoplpdfilx7YvH3MgV52A_o5exWHlRKdcUvOcQ5d0dS8rjK8Hs-u8Y7w5raO4VTjVOXWdpbVtZplsZYdgZbVQ-A5okBeHSnEK_z4B-4WLyddAyZoyF6LBm3NB2ZkX94zXPJZzRD0G0usxygQaUnJk1TZyC3z2uy_HSqggKjeJTAs5CZS_Vrj68U99cf2tZ_YD59Q5FgkEBAgLVkE7UOHRIEsGIJDO7vnpu9giFJ9lQ9WULj84Psux4KDLtfiV1ewfL4Q8qxZk9D1yIMTU3lzUvdwubzUv20ZBbcR8Se9g5YjmgxorD_7WI-3iobhJG-Z_j899sY6t8znf-eejD078c__OXW4pj2I78hG3_va2dflgnFqNaLQprvKV9NiXSoPjuYb2ZU_-2rhx0p1CIPeTmYkH-rT_vweCURq5bgviWNcgqGe9HhJDsWyulKgizgLGsXA0kd1O8TgbmOWWg2YvPBQSvjdExnb7bx5zDQWItT0wwJ_3WoJpBjxWKOzVo_ybGry600MtH2_vgnacsVdr5NzuA3OlTdQutvc52O4eyBzrtOWuKQdwWmicRTtT0oOet5HR6gZEnecn0fVfVCe0pUhDl8mNa9c65z9VGB1phZ9MLE0ZYNmrWUphdpFZV8e7halAkmoTuVsgGLkDsAR_aedFJVoIRQg6vOWe5rxBZVaN67mxCN3XDqBHiMXnbJXdsUrbrlan9SNv9GSbtL8nnWTSX59ak7sAQtcku4se_BaZsDcL3K5Ny1c1OJqkSAXwflakoUimIMlUSmT7yNQyBet5IBnsPk1H1i4rmdEdQAq1Eeg0dq4CuHUEVlu4Y_8bmZ29wAw8K_BxuwTuyg3Kt-W4NJZBxvfUQF7esTCwTCMDwkriL5FKKWaX3Ux9O0AJmzQNSqMch3sT7A9uFNUgEazqVctGexkqxMJZ5wv3rbDXwTmZsrAM1VKwKOUOXaOtgeog&cid=CAASKORoV0gU4s1Sluzl4x4IdGLWvyvaoN3gpfi51DATSD4pCm51qGVNrz0&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e53b7810b06fdc55298ed37ccff63d13be3b140f18b865a340662ee59f632698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34875
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5598 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmwexkRT7of9VPite0Y4EmqVvD3bSCQzqVhRP39GPoDko37_mjLjJhlVfYAPJR644cA1j5ENTaBb_bcPf5kWs1H1d7QzYMxCS3imL1OgHwjjJPvnw
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 5598 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:29:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5598 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 00:47:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 5598 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
718
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:35:23 GMT
l
www.google.com/ads/measurement/ Frame 5598 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlU9T5Oy5AbVAMcS9-wQiqDjrCODf-r10JUZqsXsrwh1l8NkpWli_fVAs4AfTX8YGLLBx95NQ3hJAPH6CdCKIyFnx1Ag
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 3BD5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=vov.vn&sn=ChromeSyncframe&so=0&topUrl=vov.vn&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ex-U33x5WEdHYVptOGpaOGpXbHhJWmJDYXZUbUliZjBpclM3TTBaNENWRW9IK1lUZ2ZSKzc4cmxMTyt6NHQ3QlpGNkZJeW9tMUpaLzRwU203dEZSZHYweEhpSE04SGY5Sy9ub2orTDYvVlVoSTBENEdmdi9SbGU3ZThrY0...
422 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ex-U33x5WEdHYVptOGpaOGpXbHhJWmJDYXZUbUliZjBpclM3TTBaNENWRW9IK1lUZ2ZSKzc4cmxMTyt6NHQ3QlpGNkZJeW9tMUpaLzRwU203dEZSZHYweEhpSE04SGY5Sy9ub2orTDYvVlVoSTBENEdmdi9SbGU3ZThrY0lsNFFrZVZ4VE1ORzhMdU9NbnVGS1cvazhXZ0lneGpyeG1Ib1dkOExDRUlhbU95blpaMHhNVXFiZ09nRUR4Yzk5WkhTNFEwbE1NL3c1QW9IQmJISnpyVlRrZ2ZXMHllK2JoeXRBOW0xS0x1VzlFcE1QNFBpRTEybVBKZ1N3NEM4dWxjbHh5dUs3cnFSSGNRc2J0dFVCeUZvZmxyU0xuZz09fA&cppv=2
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
7ffb0dbb90a9e85854728c9538784ffee4f42ba412e648f40b9107c900e0c813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5657
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:20 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=ex-U33x5WEdHYVptOGpaOGpXbHhJWmJDYXZUbUliZjBpclM3TTBaNENWRW9IK1lUZ2ZSKzc4cmxMTyt6NHQ3QlpGNkZJeW9tMUpaLzRwU203dEZSZHYweEhpSE04SGY5Sy9ub2orTDYvVlVoSTBENEdmdi9SbGU3ZThrY0lsNFFrZVZ4VE1ORzhMdU9NbnVGS1cvazhXZ0lneGpyeG1Ib1dkOExDRUlhbU95blpaMHhNVXFiZ09nRUR4Yzk5WkhTNFEwbE1NL3c1QW9IQmJISnpyVlRrZ2ZXMHllK2JoeXRBOW0xS0x1VzlFcE1QNFBpRTEybVBKZ1N3NEM4dWxjbHh5dUs3cnFSSGNRc2J0dFVCeUZvZmxyU0xuZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1800
content-length
541
expires
0
container.html
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4572 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:20 GMT
expires
Sat, 12 Aug 2023 00:47:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D14A 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2dce64de0257ae3a561c6f0013aec6564c2e7b96bf31bdaa68025eacd218567

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame D14A 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuL-gnhwEuSeNoRCJrF3_v6Fwhy6630m5C8ghpnHQzrFysrRcmfeM5kEp01JMNCNu0p51YicU-NACK1s5DPk6cSrOaaVf1CQLqcIJ9d5i8Lc0fXMwL1JhyV-RGh2BDG02-KUBMGAWOG4H1i5kqYG2ZLVYLn05-ApmpVGxzblXYgXUvNKlcpLO0Oh5epXPDCTkJxUXhsf7CFOhvJME1iEsEXm2WJvk2IfGLcGj2O6pqAuyM2pHER6Gn6eF74QUpnrE97XF2ZJy9nKjoNRqaL0DaKeTmEyfxmccwoM4-9sBdofPu9-5HuZkq1VoKYwBN1xiKgt7B6k3G8Z9ZuEpnEtoeLe7kpUDjyslZ6o5TZRVyGflL_NeGaKuXq3wLltrMgEr4A53Sv0JaZYq6GN9euyGFgzaP3P-oapRYQK24cPA_jwOoxsuPQKA_doE8qW1JnBov7IO94XASJB4nVqS31Ub5FosJGB2MtqsedNq_Z44YRraWHS6A1RuLBda-cC0sFoJYUxF44dI5JOlli-E73VhVSQVdFPhZAgIESyZJpNp6i79nq_BXgZBgIBKW6ESxnA2FV_CCCgkgjq-b8mCvXMv8l4c9oMWWst7tVL0ao597ZEchW_4cTz6x7Z9YwdL3AJdWw13mTHIL8YB534RAzbSB073q8fDV8OmnsH5T-2iyHSqnBpn5bcqpUDlq8jy3DqbxkicQSlF-ButrYoNznLzGTeg6XWw3ZXhOT22aGdaa7pg-0UHlUOyeK11HgZKUmAzXVCVfrRdXbwpdEvykwjMzjsR5bApmLPKGlJvFlS1O2TzdiBb-J01pCcGkyx3qBF1WkAmgqbgqgMWoLFUDEPOslwmjeompTriZtDbQJ1CFDM5XCTiS8iU27vALuo71pCHt-sb1hmhh9SNr-y3IucLXbqyi2v7bPO9VfHkP0mDlpaDxdbtaQKvQ78p0XZAQH6WC2hrMHqFoJOOi7HGh7s4Sa9zms70jLnLDOBvIsmN48ArBygeNmZilZ-YxILmR1KUvnQgBCJNtvGi3FPPMVn3ikTVN5y-iGDh8iXsac7u8KtEhGp61B0N_iVOo8U-t6ERe4uwhKxkZl4k6BUYOMArmd-2N41lIRQlavGLDFOIlUxg-EQK7L4Ulx776uX026NH2wgYe8TNSV81wUeO7cqtfD11siFinMryc5dTU3890j0JCeabMQTL9NBLn2oOCc7WrPfS4pYcwkAc6JLZlJVia8umEvliTlVtZUWWspOdb-E14E5nx3aOdSawZS1o7Qvn0DDt99QYquizURCKfQChPT9Kz3Y1pmsGrZax6-vqyWqe0-e9XW&sai=AMfl-YSSBXhQKoqHkAdyRPfmN-D3jqzBzmkMh_t9uzZVSBBpIhVV1OaWeo0CS_rt6RAhZEHA6siZc2nKzoxKC7mqT4iZCCNrT2e5F4zPqFIDfJOl8ilSYAvhQOzA7F5PxrNwY6Dx2a56FwlBjvN32dUBI8jW9vKv46Nm_SjQ1Nmj0AGwZ7Ob2LamNCuFqTlcc6HdVbdq4Lq3ub5wRKGX7-eepW3Emsj7fr-SFA&sig=Cg0ArKJSzMSjJoso-DddEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=438&vt=11&dtpt=436&dett=2&cstd=0&cisv=r20220810.53957&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_DXNEG2Q3F0_r9ul4DSyVLDQL25pgpAmEYWqzI-Ae91M23glg8QjR5imrd5KF_Kr_17OQOOSm5fCHokgAxWdxf5HfJhVNyJGovE4SerQsQbK73BO1HKZsyqiOXCyj9w9E8dv2a-XG0oQaW-JlKDpZc2rffQ&dbm_d=AKAmf-B43NNrJAjVY2n_L279loi8Z3k-ZRvSzttOWb7LpHXsZuJ023dbPRoft3fKVpfJPd--AsTOvILxE3FGhef-81bUWQn_2uVMSRfyqjuRje-o4cWNEtDt1gPdVxsppBrC5xmUica_vdJecXMMJRJuqViwPSJyiWRAliArb2vk8teYdgktYXmisQFR7OenlMEcsZy0SM5FFrjM__iIwkIDcNX8LSwkNUK2HgP_kBaVocYlR4qKHj62uHBhBFWBA-F3Stmm5W8NtkII1o_1n5E0deIsi_ueyaq3h8V_farHfKmNnxs7dcO897yheoYifsclBWkH-MB3R83FpfnmpsTdPMXVXLuuAv19g--9qEsnssrTe6V2IFDRWLgjorXeuKnQr5aHCUMFTUdHueCTwL7x_sXGmAUc3IAlSJFpksGip1Hx-CP4vQzGXZYZVX5x6daPJ5yJu2RUMbl9e7RAPmttsMPvBa1jXam449ckyXEshAEO9WCHOv5aKShTl5P3v80A99N0w5iP-GQ40wuYRjq26hQGWH9_tD8n2rZaRVv23HBTopfY3tuiA0cMEpLtxChV1Po3aGgUKmlXkec_6LETdHTuxkZc2bwiIYnNv5uDmYYY8h61NwyDtRHPUoGV4YdzIilkU5QgQxNNrkKx8m8YtwT8Yy1MRmGQuxRApRFctawxEyLI4XIT5OM_FN90KgxH9uLtPTdrKUezIpYGzJT10a__cePCbeyujgSXtdlJgyg95a2csbA-7TDUMMEuUNou5DteLCHD6IQJ_U-U9a_Cc_uPuAZkR1QY5q2yLWEZjFelPgh2NZfjgDV9f5mhJka3DN7cH6YspbIYCuJNrWBasQpRTzSn9nVUcQHHPdf-gco7SPURqgiN1TzEZxyD8Lcs0ARUPnP9AIseyBnnsSw2cKJJMEHjswZJJwfXHKM5FC1sRhOcZ8z9xBR8B4FAAa_r3WuA5Ophj_tej8hKTyaqJ5CdzUn0lG2HMslHmr2thW7OHuw6FVLV_aBVveKsQazDhLuhcJ2hpYmTNVkBOfPRpk-Q3XjYklCV2CMAUBiNk2k9ukOXAsbU7_FLepgQBG5_Dsz3xp0EaLv2GmvhaldKwdwwQI8820BZ5GUDy5vIwAdm8Z4ZNfAv8st4YDm70mJzqCeP13wEIGsRXvUH9MgVZkfhE_J8BTRLatZmnQ_aBr2CX3ZX-_rsORyOzuvlkm9Erq_48-TTQDypcxTbNSbfuESwj_YnfBK1sj4LUVLfxb6H_ChLrWnskVlQTDt6LUGou4Wb1uTOjHIEU4A08I69CYMoWU_xDllM-ADp7iZUaqhgNvmb7hlUwvC4VcQ8hVCucNN3S7bwSkOYDlzR17TTzBNQGlzTuMe85qttKaKH35ourTktPc6cEV67Aij3YWOjudVimD7gzPpD-w0IeKzVPy52bsdkf-WIhaPK0yL_L90uMQqsuXefyRxjaof2AdE3euO6iR6OgjLjWx-GpPZuOsh9uw_gO0N4GVc7pdnVu5xaI9gh7BExKQlGAtXD-Yg9AbL8fmIVl1M3Hd4yR-FcDkHyBmD7OlPxpdLTnMzNWYwDT9Zu6frRB8s_QzMzehJlaw_JYq7jVTT-8FUjTcjLo9fdUpQN6UCe24uUpIlBivhdtEdUhOHFoLUVq-fzXyieBBaY7Qve8cn2OHyzVl8hHHm7fIrz_vK-0ncIwhjdxsFFYJscLqcRE047KC26Oc2FLERlj4L7lu9XK7J1FRkaL-zyUq5pUykFt85InUYl3t9-ZKxHwsec0wWgOIMroKCHmaKZe1Uhpt_KF-fHL9Oxdj0_hFoh8tQVZeJxg1h7NcsSkwlplUXhXpPrnHvm8n9SshQbzGe6rq_jn9jCz9-Fnci4h--hizZWnzYcgHpTRwHqo_RJ98YsV_Wjy96vlRsS7KogQUR0yZcHvC3DVm1uirVp3gnHOaoSixfY2fEXkyNT7YlNRLBbhpXMkukjofu_A6GgPBlW7jZMHh8n3eWCZlcifq85B1Bop2TSHi4URd9RFcBVm-8gdCCKzq7qNsC3weCSaLfVxrcwE3y6amPQlGq3_nDmM_m3AakEyYF2VQpI_l_gb2UIIHj0s4Iie7_iwP525sPlt64YLt4Xo5Zix6PafqcQoPvkXg4jSwIWPLBy2tVNPOaRh4AhNuajSwJWIk2t5LzGYJsmzPfMLoxsH6HPFyQdsIhWbIpGO_Co9bPN-qjlRCb4etxNuPNYssmu1XZKbA4OaKVvwZmsGwidM-YSQ-ttMWMvQkRpzjEXr0VEvHDCuPYi9horcatYG_NeO5VQKfD4xLMFnekB85pMbsWoT5Acxg-6wQMwaNpdelbNKMdOg2jn_IDBfhPT-TMf6GWhNP1ME2AS4oTIEQr6QdiJdxtwk9a8Y8wnHQcHt8iVuPI7PBRoXb9VytmIcp-SPWki3EJhUybAUSZjlBLkoEBcu6lwbugizEsmhXO7okkGH5-yH6jB8LdPtcC87qGJBBI_0et9QbsjY8P01OpPAPaOAEC7XHAnTDCWj3RSub15m4KvViKzti3bYWAYSz78Y-Jvjub5p01MxLzFo1qMhDxNfyyFCBI0TgCsUgdlBD-b9IJt2xyHZ-DZRCI2LwSOvDF13-or3qPDpHRL7NP7XJ45BfF6DhuXiQUCeVHehzQ50f2JCosGLcBlpYWhvSlprGuu69hz2YdL-KwpY_nEcDlOrWg49k7aXkD_8Njt2u8riZy3-j8mk0OqqOkFwJ7j6AuKvtSr_6eXS7uZtVRT9DexfZnkWiuqtHv9MW8KjADiuMOAN6910t6WQ1botvXTSEZ-Y3EZnolqL6gOrzgZUn_Si8t3f6lYRgGHWLv4siLFQHRaK583456aSbPckWsoz2uEFkK9y2OVEkR4td2A9KnOPWecdCfWJJEeNC_zjlU3lZoOtLCojQ_R7fIvqX_YmF0_J-__7LA9h_ZLL7s3vXmavEl7jZjgug8YhW7c8oxI3hotup1wGxMOxJT832xR4ldJw8zC-7-9XyGn3t8Fc28KsScp8XOPXs2EChYs1d3vEwH-35NbtBUzO48CsJzNaF55hqRlF6BtaSSs4IHIy-UAEcAParR7payctZYEVIkrxpB2gQ7mNKxayW1Cmaw-W4w3bRCmpw6qIfB5sYRMC8FzbwBOk-7uR0AbrUNdNhmgj4mbDaZDuXbSBTp0b9-StIC-VB6Uy73Cn9inxEzWE2V9eCmEkAAWw7E40KaztWNDEb-eMD9uzIzMdU-UQXBsmYaDAc-ZSJlTI8sPQk9rfRSQZePWr6EHkgGSOyaEY-bA0DVrYS0GI3OFn_63ql9SYn9S9nUXBjbC-cT9P3KIvf6mMVH1ta0tIItVWWXCjuZ2R4uZ_21dJ6Xg5KIfKwc2x-OlokIN3RCu1rNxBoemPia25JYgUjTmukywbYAuGYQ7gwvRzHAi0-z42tnjFRPhR-T2bd3pS1KJ5XOsLoFRaVBCWtaU-4GrFBAzzL5mh0zeLuSV_2n4urgCljrZryBoW4yixGBYQ1DBd9SyWH1w1VNZXulQxAya0_VTroHF1igL3ujm6hg&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 00:47:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 3B7B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e8ed04ad09fcc761a195c7392065e052ec02b1430a36208f038d81ed8b65ffc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame A1C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCEm14Y_8G9zgEwAQ&v=APEucNWZBRvtf7eDkzbB1DHWPh3Lkm5KP0XCH9iJ2nG0aaIjFRX0xkrzBZuFoD7jxv5OGyrOpnh9ujaNNJKhP_ColHGiLgGrpw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

cf-ray
739533014c7502f1-MIA
pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkWcUPP2VuGWz1cJZOt3Al9zLiXUrB8EeufCqA7a4bjvIbtk8a1WgNlvFSfK35tXpsWz79soVPv%2F15t%2F1ERQUnlBiPREEPhoImcwN10acp64dnZHrQgNZHLIXpI3A5Ztkk8IYBza0tv9Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A1C0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvWjGXEaGrshXuHbOhvpzwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCEm14Y_8G9zgEwAQ&v=APEucNWZBRvtf7eDkzbB1DHWPh3Lkm5KP0XCH9iJ2nG0aaIjFRX0xkrzBZuFoD7jxv5OGyrOpnh9ujaNNJKhP_ColHGiLgGrpw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

cf-ray
73953303085602f1-MIA
pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oI0qek593NFPP2fldqsaZ%2F2WHB%2FWMDifSV6vmicEy9rYK34SBMQQ3A%2BKWgBXlKhCnxnIrHwCi3vexWpLY%2BwL3Rd%2BdLYMdeAneLyIoUID1aAEkV8WKx3HYN0vIlmdCLqVg7E0iZbKJ6t2rw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTxlxS-ScxlL3YSNkXdYbA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A1C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCEm14Y_8G9zgEwAQ&v=APEucNWZBRvtf7eDkzbB1DHWPh3Lkm5KP0XCH9iJ2nG0aaIjFRX0xkrzBZuFoD7jxv5OGyrOpnh9ujaNNJKhP_ColHGiLgGrpw
Protocol
HTTP/1.1
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:21 GMT
X-Proxy-Origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1a1d4b04-6954-4e23-9fd9-c6cc37c56c80
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBeYSZ4-8mQdmcLuwtd20fo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A1C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJq9JBCEm14Y_8G9zgEwAQ&v=APEucNWZBRvtf7eDkzbB1DHWPh3Lkm5KP0XCH9iJ2nG0aaIjFRX0xkrzBZuFoD7jxv5OGyrOpnh9ujaNNJKhP_ColHGiLgGrpw
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:21 GMT
X-Proxy-Origin
38.132.118.70; 38.132.118.70; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c4c6c970-5d1f-4cf4-a853-3fe4da8f5bf5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE4NjQ2NjA1NDU5NDAzNjA2Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame A2E7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
234070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:46:11 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 5598 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Origin
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 14:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Aug 2022 14:49:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 5598 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhT6yWFpH8Jf3MC-7AEIUNchVT2OGTWNHDIcyJt9U07Uyk4SRN3xBfJPISSH9W0K7-vOxtQrv5UMyQ6zyzZbXw4vfDQ8nU_T5rZ2YtO534-5jU7Nbpzi55TVg9y23j50jpILOOAcTZXdet-62UulffwEY6TA&dbm_d=AKAmf-Di0msKoR32-o-eZom5F3Zsq-1skFKOOrwVm0KhmHU0pWUYZCgCxiARpdJ9kGIvGa29iTQiHVSCClM1jSFwoMfvfLIynqiuoi9LI1AydEAIdezP_awj-aKdyC8lmZ3DltlxIiaUEj4QHrmNSUxDnO3eWLDhmrcEZCLG8zMtEr4viO4bDjGOiGTbMBuCmkg3l97tnFU8fYHTN5caDr57QTQ-JlKDjktRXKASV8pm1DyqQKcAJTp01EEzcnh1glb68SGP8Xu5bp-Y4o-C2hA79RRI8pddoKqhOwrqIw9O5hmqNINStyXuhlYeAqpwE2-RWtBclxZn5fq7IMBFDpwvvCa7RS5ScPis0ZbVswhbsr863qWMSLDTuPUuVsHS7MBUVzWjp9bdUH2AzPNES3xJMAFa4oOBAINeekgMUNzDyEMr0vWfwkZLdW68sj7Wmgk6SEjrEJuXEwXkXwCjkUK3HjE1dZxXly22t5Ob0umC8Xpn0ZuSoC3zGVAmPxmz_Rrd1nR8wXhQBzsc7rtN9bnFGzAhYor10k-6ivq93kmd1PwE84qNBOPm_9bOnRGfRz9DcmUbxkcwyggZ6-ulTqpkfbPEkairO55kbhEZdbJc9LuyrpCu0M1OSEuVWuftLK2qwFJbrlMFj9RPL8--rAxL9Wx4ePEOK0sts4KKr1gdkRNJL1xKcBay1BHCsWg1bVGNNaIJ33plwdsjaV3L-5tylbg2QLMWnmnYnnrOCz16b78v_jSxCZIIS1MIVjcR3nxaObUlUj-YOJB6YRSDQSGHYYCwUC-jFq65orOmxhzn1FElt848O4TgtJQ4AK6LZDoekDUKzMlQ0wXOTVIiSsvhBXOY7FakBz7S_CYcMC_FLiaig33qJRc6VxPMk0XnXseHdQnwVE2U26uH6ko0Iwco0rrpMZFZSkosJmwHJcX2ougtXXNlobQBeg0LXSvSobdt6oLpbDiNJV9HoBX3Szi6XPoVlFkMu2PQysL3MwlQNte-Gy4aiBnQuBPz_NheSTjXkduVHIf-KE3q1Md7sM4UBk5LN0jVJGCG_8z7fDgsbZL9UL2dWErHFeKHfBzveTtu3DWmvbiXnC8BsiSHogeWHmleZoiQmgoVaNG6gepSN5B2AP9EWWaiIHj-xf0subdKN0XR57WUNZ8u0uop6XStDLPCOEq-Rq_Lx98Dj5Dy9oyIz7lmu3Ryr6nsK19ddUy9EROmc6zYrbloR7TIUWk3xG-rCYvO3PnN-tA5VyqCORjNZ1kdTeBOiomT9MlTrHQtFpcxA_HEu4cpcoSSEFqww_VQJThXtfesqUWnSM8eTunRt9Z3qhL5jBMEUvbHY24oJ4bW5-BDGhX7VK56wc1nTj265euBE8WZRu19lse86ySFVYU_wjkYOPrHHqU9L4q3ThjQuL2qPtCgK2cmnKLVTdXQVHPln1JxD9FRnYtprCnumxD-oP11xHQVAq2bGF733ueq9SRMMTZXQqQ4F1YHyXDpLXRm_UvtitF2e3Nvhdj5yxU9emlR-1l_TULnRdNQ_9M7wnLgUjjMrHMtWDC0D8JE0fIRcJ1IUs_lf3MC86Ms8tEqo3qZHBSMbkC3XGEkARJmjAgDKHUaVkf6uJ17ZSzJpJR2det2PZWvAdOYk7GfT8k5EmVG4UAEoBx1u4Q_gXvQNQ0M4Oy1PGhuu1yQ7KHgQcHpJTjqRxGvjI4PBtsDfZIj5-Qej-RdXmOR46AyB6OsyGb0IJVAeUBd4KNIWJCIKyOQnEKw9ilcDsn79q3I0ZIpdURKwLV-hBIaVYuLPG-VVrtCh1pPhEV97Ni_C-vKsPh6ylzAdKpVYkGhuD-CaPYEpcKlaH766YrFR1TbxCU3xNVJBBoqNsper2V-sqYa14UooEfYS9O6Y9XGAa3IzWQLQo6fh0MHXsrguHUqBU8xDo5oT3WaBfPUCwSkF4HtUD5M2H7INPYLPuAITuwzE8LA8SYiW0bkFpN8Nqe_OxrFXZV5_YzgCDNmj-mBfWEZVcFsrOsKJ_h5HX4K_Nh2ouAmYA7pAJfR_azyW8B3sDIjfMsrZiaFPLsI2-nOVkQjkC1_mjihn9rtr7cCcVUdXlfKhVfPzfICVF7AeMnuOW7pW5EjCEa9dBnQat_ZktZVCXpxP7D7j7JkkbmR4KgerMNhGNay1gb7MiGOo7Dn46rp2njwTRcLXl_MaApht8ofTmECb0a1n6J0wxHAlh_3wbvjCY9Ckix2WUTDvsUwF78Uogxw8h5f6pyuAZHmimWL6wilyNV-tpTQ9DXOdJNy8hsl9I3O2og0rx3lacioPlWb8AMUlefTxTGpIlGW2liobRjuiz2uqlFwjMrej4y4JDV5XfbvPNTo_nlDwuiBqdOFFCtbrDi45sFxb6EyKVyAU8IE6ero3KspGhwNcyqnyZX4u8u0csthv6AOTMqwZ7ljerh6uuOBAsC_YThCI5ZDE6QJ-Fbu0j1ZY9eMapgS9UCaCKtSZWIhz3tbV8s_XwzTKJp0e4nEQgc4ykvGX6mrUlnrlMazb7_7bj-Q2XPE53ovT6NSlsbuwhUYfnt7IfDWVFjLiW88qmdgZCB3uGN4dHoplpdfilx7YvH3MgV52A_o5exWHlRKdcUvOcQ5d0dS8rjK8Hs-u8Y7w5raO4VTjVOXWdpbVtZplsZYdgZbVQ-A5okBeHSnEK_z4B-4WLyddAyZoyF6LBm3NB2ZkX94zXPJZzRD0G0usxygQaUnJk1TZyC3z2uy_HSqggKjeJTAs5CZS_Vrj68U99cf2tZ_YD59Q5FgkEBAgLVkE7UOHRIEsGIJDO7vnpu9giFJ9lQ9WULj84Psux4KDLtfiV1ewfL4Q8qxZk9D1yIMTU3lzUvdwubzUv20ZBbcR8Se9g5YjmgxorD_7WI-3iobhJG-Z_j899sY6t8znf-eejD078c__OXW4pj2I78hG3_va2dflgnFqNaLQprvKV9NiXSoPjuYb2ZU_-2rhx0p1CIPeTmYkH-rT_vweCURq5bgviWNcgqGe9HhJDsWyulKgizgLGsXA0kd1O8TgbmOWWg2YvPBQSvjdExnb7bx5zDQWItT0wwJ_3WoJpBjxWKOzVo_ybGry600MtH2_vgnacsVdr5NzuA3OlTdQutvc52O4eyBzrtOWuKQdwWmicRTtT0oOet5HR6gZEnecn0fVfVCe0pUhDl8mNa9c65z9VGB1phZ9MLE0ZYNmrWUphdpFZV8e7halAkmoTuVsgGLkDsAR_aedFJVoIRQg6vOWe5rxBZVaN67mxCN3XDqBHiMXnbJXdsUrbrlan9SNv9GSbtL8nnWTSX59ak7sAQtcku4se_BaZsDcL3K5Ny1c1OJqkSAXwflakoUimIMlUSmT7yNQyBet5IBnsPk1H1i4rmdEdQAq1Eeg0dq4CuHUEVlu4Y_8bmZ29wAw8K_BxuwTuyg3Kt-W4NJZBxvfUQF7esTCwTCMDwkriL5FKKWaX3Ux9O0AJmzQNSqMch3sT7A9uFNUgEazqVctGexkqxMJZ5wv3rbDXwTmZsrAM1VKwKOUOXaOtgeog&cid=CAASKORoV0gU4s1Sluzl4x4IdGLWvyvaoN3gpfi51DATSD4pCm51qGVNrz0&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:40:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 5598 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhT6yWFpH8Jf3MC-7AEIUNchVT2OGTWNHDIcyJt9U07Uyk4SRN3xBfJPISSH9W0K7-vOxtQrv5UMyQ6zyzZbXw4vfDQ8nU_T5rZ2YtO534-5jU7Nbpzi55TVg9y23j50jpILOOAcTZXdet-62UulffwEY6TA&dbm_d=AKAmf-Di0msKoR32-o-eZom5F3Zsq-1skFKOOrwVm0KhmHU0pWUYZCgCxiARpdJ9kGIvGa29iTQiHVSCClM1jSFwoMfvfLIynqiuoi9LI1AydEAIdezP_awj-aKdyC8lmZ3DltlxIiaUEj4QHrmNSUxDnO3eWLDhmrcEZCLG8zMtEr4viO4bDjGOiGTbMBuCmkg3l97tnFU8fYHTN5caDr57QTQ-JlKDjktRXKASV8pm1DyqQKcAJTp01EEzcnh1glb68SGP8Xu5bp-Y4o-C2hA79RRI8pddoKqhOwrqIw9O5hmqNINStyXuhlYeAqpwE2-RWtBclxZn5fq7IMBFDpwvvCa7RS5ScPis0ZbVswhbsr863qWMSLDTuPUuVsHS7MBUVzWjp9bdUH2AzPNES3xJMAFa4oOBAINeekgMUNzDyEMr0vWfwkZLdW68sj7Wmgk6SEjrEJuXEwXkXwCjkUK3HjE1dZxXly22t5Ob0umC8Xpn0ZuSoC3zGVAmPxmz_Rrd1nR8wXhQBzsc7rtN9bnFGzAhYor10k-6ivq93kmd1PwE84qNBOPm_9bOnRGfRz9DcmUbxkcwyggZ6-ulTqpkfbPEkairO55kbhEZdbJc9LuyrpCu0M1OSEuVWuftLK2qwFJbrlMFj9RPL8--rAxL9Wx4ePEOK0sts4KKr1gdkRNJL1xKcBay1BHCsWg1bVGNNaIJ33plwdsjaV3L-5tylbg2QLMWnmnYnnrOCz16b78v_jSxCZIIS1MIVjcR3nxaObUlUj-YOJB6YRSDQSGHYYCwUC-jFq65orOmxhzn1FElt848O4TgtJQ4AK6LZDoekDUKzMlQ0wXOTVIiSsvhBXOY7FakBz7S_CYcMC_FLiaig33qJRc6VxPMk0XnXseHdQnwVE2U26uH6ko0Iwco0rrpMZFZSkosJmwHJcX2ougtXXNlobQBeg0LXSvSobdt6oLpbDiNJV9HoBX3Szi6XPoVlFkMu2PQysL3MwlQNte-Gy4aiBnQuBPz_NheSTjXkduVHIf-KE3q1Md7sM4UBk5LN0jVJGCG_8z7fDgsbZL9UL2dWErHFeKHfBzveTtu3DWmvbiXnC8BsiSHogeWHmleZoiQmgoVaNG6gepSN5B2AP9EWWaiIHj-xf0subdKN0XR57WUNZ8u0uop6XStDLPCOEq-Rq_Lx98Dj5Dy9oyIz7lmu3Ryr6nsK19ddUy9EROmc6zYrbloR7TIUWk3xG-rCYvO3PnN-tA5VyqCORjNZ1kdTeBOiomT9MlTrHQtFpcxA_HEu4cpcoSSEFqww_VQJThXtfesqUWnSM8eTunRt9Z3qhL5jBMEUvbHY24oJ4bW5-BDGhX7VK56wc1nTj265euBE8WZRu19lse86ySFVYU_wjkYOPrHHqU9L4q3ThjQuL2qPtCgK2cmnKLVTdXQVHPln1JxD9FRnYtprCnumxD-oP11xHQVAq2bGF733ueq9SRMMTZXQqQ4F1YHyXDpLXRm_UvtitF2e3Nvhdj5yxU9emlR-1l_TULnRdNQ_9M7wnLgUjjMrHMtWDC0D8JE0fIRcJ1IUs_lf3MC86Ms8tEqo3qZHBSMbkC3XGEkARJmjAgDKHUaVkf6uJ17ZSzJpJR2det2PZWvAdOYk7GfT8k5EmVG4UAEoBx1u4Q_gXvQNQ0M4Oy1PGhuu1yQ7KHgQcHpJTjqRxGvjI4PBtsDfZIj5-Qej-RdXmOR46AyB6OsyGb0IJVAeUBd4KNIWJCIKyOQnEKw9ilcDsn79q3I0ZIpdURKwLV-hBIaVYuLPG-VVrtCh1pPhEV97Ni_C-vKsPh6ylzAdKpVYkGhuD-CaPYEpcKlaH766YrFR1TbxCU3xNVJBBoqNsper2V-sqYa14UooEfYS9O6Y9XGAa3IzWQLQo6fh0MHXsrguHUqBU8xDo5oT3WaBfPUCwSkF4HtUD5M2H7INPYLPuAITuwzE8LA8SYiW0bkFpN8Nqe_OxrFXZV5_YzgCDNmj-mBfWEZVcFsrOsKJ_h5HX4K_Nh2ouAmYA7pAJfR_azyW8B3sDIjfMsrZiaFPLsI2-nOVkQjkC1_mjihn9rtr7cCcVUdXlfKhVfPzfICVF7AeMnuOW7pW5EjCEa9dBnQat_ZktZVCXpxP7D7j7JkkbmR4KgerMNhGNay1gb7MiGOo7Dn46rp2njwTRcLXl_MaApht8ofTmECb0a1n6J0wxHAlh_3wbvjCY9Ckix2WUTDvsUwF78Uogxw8h5f6pyuAZHmimWL6wilyNV-tpTQ9DXOdJNy8hsl9I3O2og0rx3lacioPlWb8AMUlefTxTGpIlGW2liobRjuiz2uqlFwjMrej4y4JDV5XfbvPNTo_nlDwuiBqdOFFCtbrDi45sFxb6EyKVyAU8IE6ero3KspGhwNcyqnyZX4u8u0csthv6AOTMqwZ7ljerh6uuOBAsC_YThCI5ZDE6QJ-Fbu0j1ZY9eMapgS9UCaCKtSZWIhz3tbV8s_XwzTKJp0e4nEQgc4ykvGX6mrUlnrlMazb7_7bj-Q2XPE53ovT6NSlsbuwhUYfnt7IfDWVFjLiW88qmdgZCB3uGN4dHoplpdfilx7YvH3MgV52A_o5exWHlRKdcUvOcQ5d0dS8rjK8Hs-u8Y7w5raO4VTjVOXWdpbVtZplsZYdgZbVQ-A5okBeHSnEK_z4B-4WLyddAyZoyF6LBm3NB2ZkX94zXPJZzRD0G0usxygQaUnJk1TZyC3z2uy_HSqggKjeJTAs5CZS_Vrj68U99cf2tZ_YD59Q5FgkEBAgLVkE7UOHRIEsGIJDO7vnpu9giFJ9lQ9WULj84Psux4KDLtfiV1ewfL4Q8qxZk9D1yIMTU3lzUvdwubzUv20ZBbcR8Se9g5YjmgxorD_7WI-3iobhJG-Z_j899sY6t8znf-eejD078c__OXW4pj2I78hG3_va2dflgnFqNaLQprvKV9NiXSoPjuYb2ZU_-2rhx0p1CIPeTmYkH-rT_vweCURq5bgviWNcgqGe9HhJDsWyulKgizgLGsXA0kd1O8TgbmOWWg2YvPBQSvjdExnb7bx5zDQWItT0wwJ_3WoJpBjxWKOzVo_ybGry600MtH2_vgnacsVdr5NzuA3OlTdQutvc52O4eyBzrtOWuKQdwWmicRTtT0oOet5HR6gZEnecn0fVfVCe0pUhDl8mNa9c65z9VGB1phZ9MLE0ZYNmrWUphdpFZV8e7halAkmoTuVsgGLkDsAR_aedFJVoIRQg6vOWe5rxBZVaN67mxCN3XDqBHiMXnbJXdsUrbrlan9SNv9GSbtL8nnWTSX59ak7sAQtcku4se_BaZsDcL3K5Ny1c1OJqkSAXwflakoUimIMlUSmT7yNQyBet5IBnsPk1H1i4rmdEdQAq1Eeg0dq4CuHUEVlu4Y_8bmZ29wAw8K_BxuwTuyg3Kt-W4NJZBxvfUQF7esTCwTCMDwkriL5FKKWaX3Ux9O0AJmzQNSqMch3sT7A9uFNUgEazqVctGexkqxMJZ5wv3rbDXwTmZsrAM1VKwKOUOXaOtgeog&cid=CAASKORoV0gU4s1Sluzl4x4IdGLWvyvaoN3gpfi51DATSD4pCm51qGVNrz0&rfl=1%2Chttps%253A%252F%252Fvov.vn%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:46:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:46:58 GMT
usync.js
eus.rubiconproject.com/ Frame 4C1D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
28a10ec7cb172ca7b3c233179d156c3f28bdef7894887f398b34cc6033ee5c98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=us
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 00:47:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12542
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 12 Aug 2022 04:16:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4572 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CO7V1GKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSHA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5hn5pQwr01tLjECCcG0-pO_pLe_8rvMxasfjng6WFsfjA00XfZDgBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=ckRpIBGhX4U&uach_m=[UACH]&cid=CAQSPwCsnQUxFHa8Db7EY9QHNEeTAdfs6lPn_GSjnvTo9qe7esrRL-M7siTDpZZjKYUdb3jyvrZXdc0JHDjJyU_dvhgB
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame 4572 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k_bgEKD_WMACtAHiIp0XAgAAAMcVgatAd1V-i8fZagk5jtsQGKP1Yt2uFWeblzKtSwd2ABIAAA&wp=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
server
Kestrel
server-processing-duration-in-ticks
222135
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.us.criteo.com/delivery/r/ Frame D1DD 		122 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c81d785f56700f92e0f230f4f8d878a4be655c41a76081997fc9a2eaeefba021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:21 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=2vK31BJ9tOZLVpLv3v4HFRmMlCBvDRIJXU5jahKr8uOuN66LR39oHYVP5fBULIjgr8lL4QV7PJM-IjNlwHZW8J30RnuVrPLm1xAs31HEW0MXOOAPm5kBWnVhwJKeJCEGsbQp8zaNad_6tYZbSzfRzvh0_CAcSAX-Abg9248C2wwiQOnUa8DJvQEG1D2kjK6YeHxo3L7trC-UO992qfNaSDos973RX2vBouSP15dYxmX5j3RI5VB21VSbCJpULtiWow313yS8F1ZbudTd"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
70867914
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 4572 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:29:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4572 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 00:47:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 4572 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
718
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Aug 2022 00:35:23 GMT
l
www.google.com/ads/measurement/ Frame 4572 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTj0HZL9ptaKjdrNrp9ZoGjz8iP4Aln96gR3arwEW8COw21HBtwPhqZAZFxnZzHjWykGdV5ZBJaHz-ix6C2IqvgRMUmbA
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4572 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Sat, 06 Aug 2022 07:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 06 Aug 2023 07:24:19 GMT
maip
adnetwork.adasiaholdings.com/h/ 		43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adnetwork.adasiaholdings.com/h/maip?uii=937420479589358129&tmstp=8914587710&ckid=4439413278513721288&systgt=%24qc%3d1311284246%3b%24ql%3dHigh%3b%24qpc%3d33144%3b%24qt%3d152_581_33100t%3b%24dma%3d528%3b%24b%3d16920%3b%24o%3d23110%3b%24sw%3d1600%3b%24sh%3d1200%3b%24mdwi%3d800t%3b%24mdhi%3d1200t&acd=1660265241614&envtype=1&opid=5636d0f5-0127-43fd-b53d-2b6eb54c3108&opdt=1660265241614&siteid=272915&tgt=undefinedplatform%3dandroid%3b%24dt%3d2t%3b%24dma%3d528%3b%24mv%3dunknownt%3b%24mm%3d2887676t%3b%24mdw%3d1600%3b%24mdh%3d1200%3b%24mdt%3d2t%3b%24mct%3d1t%3b%24mctQuova%3d1t%3b%24hc&gdpr=0&pgid=1492332&fmtid=44269&statid=3&visit=s
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.48 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
privacy_small.svg
static.criteo.net/flash/icon/ Frame E186 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame E186 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame E186 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 07 Aug 2023 00:47:22 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame E186 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 07 Aug 2023 00:47:22 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame E186 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=XieMDgGYtcBpi3sQOIldG7fwfxVoAbvU--S195pO1M31SNc8pqC4RYcuM5e3apCMvolwj0xZY3LCAbbkXdMV2tYae2nz1frb28nxyfrqonJb5VtYls9uH0NYFvOIjhZWUf9YouGXOZCyWdvmF3MCcBFWhHuPFTBPmyIM663vv33XN0J5W6Ye7dzvVd-EPB7Ul1bNWHyLemIJ3uGZt-Jsb2nunspqyWxpWRrzcTF1o0gVIvipD589ssrK7W_FlfMBc4fSq7iz9WjIKnzHVP6og9OvcpNdOqVXqFGEg9ixzLn2DTsH-lqJggBaxZnbvqCv8HXHC0-lwP7Q64Ulyy32YxGhBpl4t9-I19mTAHcN3hHZSJVD3G1vdbYG-PYusb7GbKY0zXRuBPYpw3xPOhHpy_AxFOG-CiVrrVRrNt2hHHiM6KzY
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3871233
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5598 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:23:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 07:23:38 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E186 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
113099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3Nr2PoW%2FxLDG5fYNfHrZDFGL%2BJcKlA1kgEZEj%2Fds62bwbGvkJy7ar%2B9dgoMv6V9LWcOWir%2Ffzbz27k02Oo1GYQ3vOmcCllxR3WCqCrCd%2BolWub1qYXR4nSP9eG%2FsuQsp0wQ1AfA14b8bk4kKe2q65lF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
739533042fe68db4-MIA
expires
Wed, 02 Aug 2023 00:47:22 GMT
animejs.js
static.criteo.net/animejs/ Frame E186 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
truncated
/ Frame 5598 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68d268d6f427356cb91bc75cfb06c6c54a8dfc2e2ec5ca8fab8b0f1e9542be2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame C874 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame C874 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C874 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 07 Aug 2023 00:47:22 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C874 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 07 Aug 2023 00:47:22 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame C874 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=QPsL8wwDLj5E9nasNLS_HAyVe1lkp1ZsU5ViBJOgcG3AbJe7V_qXwDrXR5V4f2rm4D_zY4GkLzxV8GZvGSjSYZviXJFdN5h17tHOWDcaZdszuSs_W1BB_Z1nFWTElyz1LdkZoy-t7r4P8l5Ok_PuuKXCZX2aJ71ihRSV6M-9b7BfvNWpOoWDxyRiE6IwshPSpsPbiiwW6OgfDGq0Lv_ZO5h1GE6gnobr02Splz7or9bgt3Sdic57iE1Y1fNt8-KlwljPBhPiJTV0BoY4Lo8sfBJ4rKxmUDiIhYvQIVufFzK1aoGe1FIXZF3-Y8AHFQcfT9wibr4780WND82Etx9GpbkbwqNR-ckK0Lnq-zgAHIPKfxph90DxE9zLUrj7tmQZychzrN9WMOO1fGEXbYmb7t5-Do5v8s_MlQQW0RkyZRoXaFVXDN0MmssJuZbryj3zuqPRww
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3214801
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
d.agkn.com/pixel/8538/ Frame C874 		43 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/8538/?che=62f5a3192260a613e56aeb76fc84f27d&col=274550,0,0,0,11176536,62f5a3192260a613e56aeb76fc84f27d
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:a600:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
via
1.1 777c0716c0ef8010208c3559195306d6.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
qLigOpFD2A23mWLNiWyUxWBfT0bLLU92Y8blG2tYqoGMTj5y4IKTJw==
expires
Sat, 01 Jan 2000 00:00:00 GMT
all
csm.us.criteo.net/ Frame E186 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=rVZg1BJ9tOZLVpLvh6m7ufTW4vW9rJWx-Ge8YXZ1pLF3LgMrbkY8sof12q8lN1wZZXcljOFPWH7_qVOIz1ztx4zoT4Hhs7sf_QkX6pcaahNFAWwPRFmKwawvs569P7RQWJqaaQyRRRXiM6D95s1EImsFiZChE59hfXv1iuhNG_j5MOfQJlfL4VKAlD3APol1EmK282sIn9cwGPP8oABzKianVXpDxs1uKA_uvHHip0nP1AY3I-8n_XdPuCKB0ZbAnrI1mA&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Aug 2022 00:47:22 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E186 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame E186 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAIsxsH48vsAADzccp1FQ4MKp-7SDQB-g&u=%7C37q5NLbdiZTR5wRbloRO5z4nR9U7lGXCaRE%2FCipRWf8%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62knUQI1z9HYeneK-1Devt8wky9zDFC3GGWJ4OT0gJBtYd4_HdjhA-nVYXxCOchoBuDKJFHA8Y4tzBkiXaIv2Udd4FqNqEWMyld3OmAXFUfiReAOHsfwm3EX2eZuWeCJyydpy0Kezqh4KWHgoSbzNsvCi7eUPnsn8yAH63L4KrxYDf5XYDU2fFo73UkrSyBRzsuWtBmk5CIYscRE7XhIiMWdtbCA7878k1hr4HX6Q-GkXRY6khK7cTqAKmTyVahcdo5bqY7hphTw6fLUzB2-yqAx3sRtWVXt6ARNHhmsNIjSW5EQsflq2wJxot4JhXe_X8wyvk3vETjT8KQuU5O2d84lwVHCH_QH4CH9csaOUt8vXdYHL2vdyV3qH36rvIzyK9GLpH9VSQt_BFvkci6PlDPA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqzboGKP1YpvmIuyXj-8P8eaDYJyB77BcosqnqnTAjbcBEAEgAGDJhoCA3KPEEIIBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxoAGs3f7oA8gBCeACAKgDAaoEmgNP0HlPG1IA0iTj9VOMdbksq0xG4rpyUGSMxZuoR1beFrsrgCsLr29-zN5y3_DtgGpS8Ils3u0DJJFnpvDnO6HCErRp8RWpFU2L8pCWqExlWfpIp3tkG_Ylsh8Qk3RKjzkVisomgtXg3r-AE4RwaPdpvazgUmMhpX-2bMwz7LP3xKb3P76iyKZMYIpTxFkjqU1MDQiqAEB1mJDYhUBe6sqTXdi1WNzMrB4a3gll-pfJgJX4Sc3HY2NArCycrLAyDxUel-dOGHNDsBhSP14rtSQvGAM7xfOqoC6UM2Z8MR8QcuvKaXC6Uuh3EPwtcevqneNRr5kD7wsw5F5qBYp7vWY_P1jS5Zn8yE2T_cjzLfimdvhflJ8PX_CP7_UuWmMgPSnC50tsIj2FCgUzICWc2kPw8PF1wbTpSRQvqjWF0F5F_cOkMyA-GidFyAmT-GaL5sBYPPtCVCmlVvkYlcuFRwGCIrLjogu-1DE_DiaDOJ_m_nmyLVj8c9UllarVQkF60-da2Gah-7sxDNbWCK5RjDY6PbAiNwzkDEQFx-AEAYAGndz7_-j3xdoQoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDgiIYRABMgOKggE6AoBA8ggbYWR4LXN1YnN5bi0yNTI2OTAzNDMzMzMyNDA4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0DuPeQg6w63rcPGV_kmJwBJHE_Mg%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
ca
choices.truste.com/ Frame 5598 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=28122411&js=st0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-97.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
8ad9b31f88cb684b50ce3cd7b0bc2aa31f778c80d9e3e992f2034bb14512b1e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63606
cross-origin-embedder-policy
unsafe-none
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
content-length
8034
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
eh8thculsyGOn9KlyCjgvQ2RgygccKdYbnjfk1a8S0hIyzQqzgSXiQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
s0.2mdn.net/sadbundle/4709297047384098136/ Frame 5C3D 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cb6186db1cae0f4695d7d1ed3907c754a820588373edbf4e49ca577e99f6156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
322573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4905
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 07:11:09 GMT
expires
Tue, 08 Aug 2023 07:11:09 GMT
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5598 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9NivWGNTZsPbMt26t7cgvS8JNpUHK88zwJ1z7ccNKcEt2kLZ2cekgNfj3zBwsryCZuEQNZNmNrmRFvjNTpzRb6HAJ2ggNbUFvTA4D29XiotnbUbx_3PIhoaFmL_czBzBqs8P4KrW0fFU1fIDPxrnS_v1RI1ECohC1x5oe4q4v_DwRrkPuexJ60zeJw28Z8Uij44nrlkcP04aQ8D7c1rZYyOT7XpIBZGms3XyyBlY03xssfM0aMZbnQxvDlDHbYzeawQELmJjjy0K6Zia0b-UxO-iY-_2p1F1SsoCwTLK7j_AZttHcKQVzkQwCc5af165pwvM-nWZhmd_wjWmJd9IKF-Lc5Q3j-7JH4WIaKFMh6qPQsbfP7d-lmK-Xac4gGUvgWgN6-Cdc9AGbw6xDGf6WCu_Z2dlv3w-nMlfKi3NEjlcmDPkbW0IJbkwL0YFeW2BfJ1NF-Ezs88xXk6AMrBCSA-arYO8LSB2VAdZOMgsIgRsUnfExKWSP3oeDVqxS-9Zd_aIJMczgGFc1ArA1gyNBqKo245t1HLSOGuOj00CKrtZbqpNDjSd53a-PUvX8JMEiwuCz4kzy1pJjdcWAwis5VACjOHTuOCld8WsD5ybHs8HnjSsYJMYEcxI5NduOiWidlKxQ86DHjDvdL8rlG2axIavg8LXPwPA1x-0bF6Ohu50InwAV9GiYTLhNgDYXk3Y3Q3gW72sPgel2tTWuLp1y-qEaaobldXrMqaqjZCYaGIOF6SXLskpKaMOEdGFNtRDHB0N65j6xVZkhuVhdcjHdk03dYx8zJJnzY9reZO72AM5HTIgAHZeGOJCEzd4eydNVYIDbUV0ft83CMvRXlxtjBrR1_tW-tLHoJanscvD7sQBXIw2Az5JiUyp-LaoBcNEQeeCdDtQJukwO_t6S-ClLFKDRZE8_BborHVlvJpqrW_kWsX12Gx2XiGmkoH92r1LekEsctyB23up31Cv0E-XYhyInwhWbuiGcFPNA3QMIxhJprgXGwoI6WpuuRefhWstSSyET2t0aaug451RYFZTEkA8nNSYLC32PHSKB7tlUpUI6mSWREHv1c_gaIW6Fi-N0eZkHls1x_sb9cRkPqgRJPRljbYho3Rg0hJyb5b8VX4Cii8c8jNAHf8OfUbQCNj1-csw62h6Lf8XH3u_AFrOrVUoo6QK_IMqrSVPlrxypggxYchSSrPt910kwX9Vv4zOmLaYXvh0G_h-k1_ZHWvES_Ae5RQYyR-ZrWJLTG5FPHEUJQhLw7n0a0Qz0DDReBOyJRiQbCD9XQanR65plMpF3yHf3_DdtsHS3PH57_Np3fuQ&sai=AMfl-YRyx6FLRsoD707b-PrHQqDHZbq7WpA7RW548kDgKROs1Bd7Z9_cZrAJsFPx6KLpsEb0DKKM-79zrGPqTz-N6ULiRva8mPEP0IcbIqxypVCE9dc2JKiRvp7Q7xFKzhuZpX2VjlYqepBsuHCTQuAB0xmrjdFt-mhOOeR8bW9GhIkZ0PsgX3LI96yJ2lqR_vZtQhtAAN5kp-Dx9n5e0UQX4LPx5zVgdgz3cQ&sig=Cg0ArKJSzP5epdskPQLdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=563&cbvp=1&cstd=557&cisv=r20220810.58805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 12 Aug 2022 00:47:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dcm
beacon.sojern.com/imp/ Frame 5598 		42 B
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/dcm?auc=ABAjH0iNLTagOxF8BbWwlWRis9fA&io=1008346663&li=17622767469&cr=433021183&io=1008346663&seg=&src=https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov&ord=%c
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
dis.aspx
widget.va.us.criteo.com/dis/ Frame 4ED9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=62f5a3192260a613e56aeb76fc84f27d
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
554160b62a960045c1bda9836106bb92734b5c7a77b3210b330e24c026328cb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
3681612
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 4C1D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTFmNGY0MzNlZWRhMGJlYjNmYmJjMTcxZjhkZGY5Yzg1YTU2YjdmZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTFmNGY0MzNlZWRhMGJlYjNmYmJjMTcxZjhkZGY5Yzg1YTU2YjdmZg
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTFmNGY0MzNlZWRhMGJlYjNmYmJjMTcxZjhkZGY5Yzg1YTU2YjdmZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 4C1D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZANblPmyQkOuMGNlgSqCxg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZANblPmyQkOuMGNlgSqCxg
43 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZANblPmyQkOuMGNlgSqCxg
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:23 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NZP6EK03N8F8PWYZE0NT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZANblPmyQkOuMGNlgSqCxg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4C1D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&gdpr=0&gdpr_consent=&expires=30
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3d22c16a-ce31-46f0-ba9c-0283881e2ab7&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4C1D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=36uvk6_qSmWxZT4GSqu8uQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=36uvk6_qSmWxZT4GSqu8uQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=36uvk6_qSmWxZT4GSqu8uQ
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Aug 2022 00:47:23 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R0GYCSQQT11GTW5B9FQF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=36uvk6_qSmWxZT4GSqu8uQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4C1D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQUjIyS1MtUy05OTg2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQUjIyS1MtUy05OTg2
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZQUjIyS1MtUy05OTg2
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
esync
token.rubiconproject.com/ Frame 4C1D
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 12 Aug 2022 00:47:22 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 4C1D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/EQwEkHn49QotrJNqiB2pMA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7112488264129755622
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7112488264129755622
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
Content-Type
image/gif

Redirect headers

date
Fri, 12 Aug 2022 00:47:22 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7112488264129755622
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame 4C1D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6PR22KS-S-9986
0
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6PR22KS-S-9986
Requested by
Host: f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 2F4D0C2E7CA54997AB100C3FE0B319C3 Ref B: MIAEDGE1410 Ref C: 2022-08-12T00:47:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXmAKAGcBJ7kFoyWci0sA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L6PR22KS-S-9986
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
privacy_small.svg
static.criteo.net/flash/icon/ Frame D1DD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame D1DD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D1DD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 07 Aug 2023 00:47:22 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame D1DD 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 07 Aug 2023 00:47:22 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame D1DD 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=kDLtj91H7KXiw9VtHlKrUeFDq7RE5M58Xty0knQWEDW4mymKYqB2uHXGM1v60Xam-g-CxzqMWZxrqjQfw0IXSHKeZIk-km07aoe83MRXKKWd4G-s5fIU5vIVDvCV4Pn-i651Dvi0CKy7fX9zalazNfvojOiQUXTygFeAzQlxl7QMis5sk8DubhcHzBsyWd1VxLu2aR58C5z-ZkfsT0451U98dcqI33kTWAyYAjFP6iPhSyKSljqtsKGr4wl4RAPvf_13kuQGrLkQBjzqIZ1xdBgYFK8oMjDPVpQljYEleCvziiZFRVuQYNh-yvVUVwm2qnKLJfj6fzv1QTtCl7eb7Metjs8D1LbRPtyMbCfuRdTp0dA4EZAdOM298qqYhHzCYJv8MeWY8MwTwpvcnAVss4GnMH5UrbQlpCOCYxECdR2vi6x0pPStrzXnjE3W1Ls1hbVbzA
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2887471
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
d.agkn.com/pixel/8538/ Frame D1DD 		43 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/8538/?che=62f5a3190fa01f845595eaca6f94a2d0&col=274550,0,0,0,11176536,62f5a3190fa01f845595eaca6f94a2d0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:a600:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:21 GMT
via
1.1 777c0716c0ef8010208c3559195306d6.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
XDQn0M69O0gGejmqa7eNUWpWXN1p-j3NCqrDYis8VC7OCwylG8Scaw==
expires
Sat, 01 Jan 2000 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 27AA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8D6BF6P1Yv78L4SWlAP9oqTwAwAAAAA4AeAEAg&bg=!V1SlVBDNAAa4hXTbmIU7ACkAdvg8WtprpBTNJUE5SjxqlfJAX-MVZYTqAXknspFhaXfsun1wmmGfPAIAAALlUgAAAANoAQeZAyMiONDUOYTNoniIBTjhFyfQzqzTvv3wTzssEci-kyZiDM2kJXZWkhIh-bew72-L8Bfxc15Am7Z0FkduYhOkf_9hGGMz5C_rRAFYGWqXd2Ho2x5h_Rk_F7SZn2ZW2MevhUw8NrBocsBUbL6NQ7rs-rc4GfFP0d8hhEqBazaNlfsPQ2s1VevsryRFj4d6YzkjR5XBrwTFbPfxvteH4DKAvnbRrO_l1U6yAFJKJ2sTYJn00-hniHxd9D5WNoKBbqNmn8Eux2SaLASw5DUmCve-IWpD1OhHOEIawzvzN2pVNC9EjQNvGrOTyCNadEpwCX65j7n13dCn1HZv7jVmqWmnHYIAEsIVZ_nquyp_l1eHnEEh54WmJrmCjZhJ9j0NuJapThatzlTii73xaZ0rtHe5z_HSJk1-2R-mvSpreFlPOt6TSFTRb6OQ7j3RRW2Ch3EMgYG-KuNCTqizsVg4GU1OJnDkS-GHL2cE5nq8UqrYRWM0aGdvQg1jWVgq0NIRrlfGHaw5zT6OqGxu_LgkIJQ1r4XqegchP39I8SU5I88PBkAvFpmoYcEJSwqzjXu158ubyGe_yqGHjIQXZBGtLAcAE1bRO-6HeSwVIHyzVlO_I0PpXnHx8tAao8j2om4x3Jhvgh2BfwZmHje3scL55nmhU_gRUenUMRw0Df2Jpv_6av4ptOtqtWutoZ_s8k5-7Y2eg4I_EZdj9G9YVbJFn7QOEKkEqU3BIKjAIJcluPTgT7n7_cx5oSuJuHlzqSQfuuca_CeCkjpfwV6ySu0PmO_G-hsCE_MRZDrPfszHQAHYpa0605Yo7omut-x-17fXFEbozLZD5jOphW6c4KPODoouYfLIyqwXY_H8JSOWXm6_-j9shDli7kq8QyHrRPujOVFkw7Kfx53HhTaGACpdDQ9ePbi7VcylJi7sIPNoKzFdOLxV92Of-lUyRhIIVuUfeKBKpLUYl1jXXSw3qxua7Ti8HjpGJBz94rziU0R42KefnYhP4un0AUOyys4XbPxCFECrRJ3P8xMNusgjhl0i8M-IfMS1nsZ7c_0ng-O2JkEq5psG8fk0TQ
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C874 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
113099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afWztOHJS9a1ssoFHINtAefZ9Pm64maxDLGM7gOZSs2%2BJdAF%2FU2jsqppeIAf0gfqg43t14qMZRHIW3aNwXWRmEAXumiMzxB8w5F12EqsHz2WnAt%2BpO9nndLccF6spqWB0bL1oUH6rmhs0lnx1SBaqEKu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7395330539e58db4-MIA
expires
Wed, 02 Aug 2023 00:47:22 GMT
animejs.js
static.criteo.net/animejs/ Frame C874 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff
static.criteo.net/design/dt/ Frame C874 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 21:58:27 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"601dbf83-65e8"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
img
pix.us.criteo.net/img/ Frame C874 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=152&m=0&partner=40380&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F40380%2F220701%2F1cc82d6269304e228316443e8587b7c1_logo_n_horizontal.png&v=3&w=668&s=00ZuHmm6mjI9ZjWxSCAUPLdK
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9a443893c3a2c6ba1c570e5946c0651670ebd479058046447876febf44dd043b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27530890
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
51995
expires
Mon, 26 Jun 2023 16:15:32 GMT
img
pix.us.criteo.net/img/ Frame C874 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=1200&m=0&partner=40380&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F40380%2F220509%2F252008d0c7cd4c9abf1fc0fad0f0f8fd_img_vertical_1.jpg&v=3&w=1200&s=498qyaxIa2ri-KxdSxFPzkbo
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a21abaf28ad6c262161496d76b753ab3cd9c79fcbd1216616af064ebc99da410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30027165
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
91900
expires
Tue, 25 Jul 2023 13:40:08 GMT
img
pix.us.criteo.net/img/ Frame C874 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400013402014_DARKGREY_486x648.jpg&v=3&w=400&s=h8IUxBvwIUhHymQ4Bpg1Eu28&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1397086e5f05778b21d202ada07928f84fe1414e07723bd56399759302c009a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=54840
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8068
expires
Fri, 12 Aug 2022 16:01:23 GMT
img
pix.us.criteo.net/img/ Frame C874 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400016315819_MULTICOLOR_486x648.jpg&v=3&w=400&s=aXE3a6DFppGIcOYXvxHH26np&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f05a1e10b596ceed781ac97fea2ecdd9b3d84e3c0e7f6469368d6a7ddda6b4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11216
expires
Fri, 12 Aug 2022 00:47:22 GMT
img
pix.us.criteo.net/img/ Frame C874 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400015682167_DARKPINK_486x648.jpg&v=3&w=400&s=6h7_iFUVdE3I9yd-WcwmSKUQ&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
709b80debdc7d3854c0128bed937490b2448e40492c99e40ab73bb2bf8c7b5a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11730
expires
Fri, 12 Aug 2022 00:47:22 GMT
img
pix.us.criteo.net/img/ Frame C874 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400013656035_ROUGEFERRAGAMO_486x648.jpg&v=3&w=400&s=QuPaghYlY1eFTsSSrmzZ41gQ&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9aeb68f8a96814f917a539620c6b7d1ae71a29efe9e5011948cbe442f9bece47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3706
expires
Fri, 12 Aug 2022 00:47:22 GMT
all
csm.us.criteo.net/ Frame C874 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=_2QNAxJ9tOZLVpLvrFC9PPUX7nNpV40KSTuGbouP8ch7QBnHv3tT8ZIFZF27H2etTwPPNg5EV-4ORWcuvdObma1u7umFcecE7WxigbjKLUzZzrzcBYBsQ5OPibOY3avSfwhCaosVYOybKbIFvH5Pyg9qdnitFlfwh6gHvkVabl-ZwtbzUQoirg2Dohk7n74EoLLstdGblGe3crPiYalrf4Fq93oUXuGonVVPkTr3_cjk598_9v_dRNBRFlLBUP9sXMptFA&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Aug 2022 00:47:22 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C874 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C874 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0986 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
150948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:51:34 GMT
expires
Thu, 10 Aug 2023 06:51:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D14A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssf7OpwsQaKBaPCIhPteNJL0oCcpo3GAp6pQn1xdFqn9zxuPqxBf2CMsKd4TpkXWKAusbUjCD6Eqr3I3EqfQmQZMK_lamUqy7O5449C3P1UjdvfXu_Nv4MDIdSw6WOY1A&sai=AMfl-YQD07Sz41od2ftOxDSh-99hCfQDB9_d9Znb0rptNpUYfxjQebwQgQ3uRoQni3bdlkreF01HAj716RDX_rJUCDJUoLCjjwVsJAmXCXswnZ7Iz2tahP9qIO9Bw05ZnpI6&sig=Cg0ArKJSzJReKA9Dng95EAE&cid=CAASKORo36VJ_jOeb7WBw4JEZmu3oH5Q34LEVhoCU7vpbGsf-KePBbST7_o&id=lidar2&mcvt=1076&p=949,1085,1199,1385&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3241084542&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660265240624&rpt=754&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D1DD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
113099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6ELmsYvQ225qhA8U4N4CcyXrU4CCIS5tZMAPR22F%2Bf7EwdSoC1Efwy6Ofvm0Z%2B93NxQjGr4qTuqTK8WXXW%2F7qsxTtQkaHvDmTXTWzxqL8Pb%2F0SAtO5YRSBZMYv4NEeFsSbnz6HBmO9KjilTeTmSVeme"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73953305cb218db4-MIA
expires
Wed, 02 Aug 2023 00:47:22 GMT
animejs.js
static.criteo.net/animejs/ Frame D1DD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff
static.criteo.net/design/dt/ Frame D1DD 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 21:58:27 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"601dbf83-65e8"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
img
pix.us.criteo.net/img/ Frame D1DD 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=1200&m=0&partner=40380&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F40380%2F220509%2F252008d0c7cd4c9abf1fc0fad0f0f8fd_img_vertical_1.jpg&v=3&w=1200&s=498qyaxIa2ri-KxdSxFPzkbo
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a21abaf28ad6c262161496d76b753ab3cd9c79fcbd1216616af064ebc99da410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30027165
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
91900
expires
Tue, 25 Jul 2023 13:40:08 GMT
img
pix.us.criteo.net/img/ Frame D1DD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400016315819_MULTICOLOR_486x648.jpg&v=3&w=400&s=aXE3a6DFppGIcOYXvxHH26np&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f05a1e10b596ceed781ac97fea2ecdd9b3d84e3c0e7f6469368d6a7ddda6b4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11216
expires
Fri, 12 Aug 2022 00:47:22 GMT
img
pix.us.criteo.net/img/ Frame D1DD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400013402014_DARKGREY_486x648.jpg&v=3&w=400&s=h8IUxBvwIUhHymQ4Bpg1Eu28&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1397086e5f05778b21d202ada07928f84fe1414e07723bd56399759302c009a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=54840
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8068
expires
Fri, 12 Aug 2022 16:01:23 GMT
img
pix.us.criteo.net/img/ Frame D1DD 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=356&m=0&partner=40380&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F40380%2F220701%2F32a105b0cdbc49d0a60b7e7de58f4b4b_logo_n_vertical.png&v=3&w=236&s=HSVCgFk14K6iBBEGsJP_eis5
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
95aebdfa8405045164cccc32879144a63e65c493145c6334c6f0f258e46960ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30164947
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
32683
expires
Thu, 27 Jul 2023 03:56:30 GMT
all
csm.us.criteo.net/ Frame D1DD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=2vK31BJ9tOZLVpLv3v4HFRmMlCBvDRIJXU5jahKr8uOuN66LR39oHYVP5fBULIjgr8lL4QV7PJM-IjNlwHZW8J30RnuVrPLm1xAs31HEW0MXOOAPm5kBWnVhwJKeJCEGsbQp8zaNad_6tYZbSzfRzvh0_CAcSAX-Abg9248C2wwiQOnUa8DJvQEG1D2kjK6YeHxo3L7trC-UO992qfNaSDos973RX2vBouSP15dYxmX5j3RI5VB21VSbCJpULtiWow313yS8F1ZbudTd&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Aug 2022 00:47:22 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D1DD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D1DD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 07 Aug 2023 00:47:22 GMT
css
fonts.googleapis.com/ Frame E186 		5 KB
680 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac23c6c7d2317bf500f0b1c8c0226756fac3ea8cb4813bd4c602904e167b0829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 23:16:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 12 Aug 2022 00:47:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Aug 2022 00:47:22 GMT
truncated
/ Frame 4572 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef123f43afbca3effb5b7c2302deace0dd1be5522271ac7f61af657c5710c387

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
ca
choices.trustarc.com/ Frame D14A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=27797159&js=st_1&sz=1x1&c=te-f77a
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=27797159&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
c33c514a08efaac4378c8e0bce260e0f83764c66a33eeea6a939592b6dab484b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
EWR52-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
content-length
2139
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
1eionIRaOm5eMf-P-pTzskKkp7WlXMm9FrQpEWucGA2Xx0NYScvgjw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame D14A 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=27797159&js=st_2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=27797159&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:03:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63804
cross-origin-embedder-policy
unsafe-none
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
E4m1lPeqK1ud_ZXpOlaFZUxeHTE8gsp9mCPGdW535gkvRprvc4FNrw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame D14A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02&pid=sojern01&cid=27797159&w=1&h=1&c=1bc7
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR52-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
DKdHJrcb_lJUOwIfo_Caa0YrDqYdk7BACDc0f15kAzqH50b29qmwRw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
316e869831dfd3700fd73451b993790a.js
s0.2mdn.net/sadbundle/4709297047384098136/ Frame 5C3D 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/316e869831dfd3700fd73451b993790a.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b56c7cd2dd9e00da12e5d10e117491c92734357a68c457364cacaeacddfe0655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63401
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20406
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:10:41 GMT
sync
x.bidswitch.net/ Frame 9822 		0
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 9822
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-kxR4_62BgMou1tZZN2gaRWG1bxlf7EBsNCvSSA&google_cm&google_hm=ay1reFI0XzYyQmdNb3UxdFpaTjJnYVJXRzFieGxmN0VCc...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-kxR4_62BgMou1tZZN2gaRWG1bxlf7EBsNCvSSA&google_gid=CAESEEkeqa662BByZhuCWq009PY&google_cver=1&google_ula=913071,0
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-kxR4_62BgMou1tZZN2gaRWG1bxlf7EBsNCvSSA&google_gid=CAESEEkeqa662BByZhuCWq009PY&google_cver=1&google_ula=913071,0
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4877773
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-kxR4_62BgMou1tZZN2gaRWG1bxlf7EBsNCvSSA&google_gid=CAESEEkeqa662BByZhuCWq009PY&google_cver=1&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 9822 		0
0
/
partner.mediawallahscript.com/ Frame 9822 		0
0
tpui
ih.adscale.de/adscale-ih/ Frame 9822 		0
0
rum
r.casalemedia.com/ Frame 9822 		0
0
match
ad.360yield.com/ Frame 9822 		0
0
cksync.php
contextual.media.net/ Frame 9822 		0
0
push
exchange.mediavine.com/usersync/ Frame 9822 		0
0
cookie-sync
sync.outbrain.com/ Frame 9822 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9822 		0
0
tap.php
pixel.rubiconproject.com/ Frame 9822 		0
0
v1
match.sharethrough.com/sync/ Frame 9822 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 9822 		0
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9822 		0
0
um
criteo-sync.teads.tv/ Frame 9822 		0
0
xuid
eb2.3lift.com/ Frame 9822 		0
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 9822 		0
0
m
ad.yieldlab.net/ Frame 9822 		0
0
idsync
tg.socdm.com/aux/ Frame 9822 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 9822 		0
0
sync
gum.criteo.com/ Frame 9822 		0
0
user-registering
ads.stickyadstv.com/ Frame 9822 		0
0
sync
matching.ivitrack.com/ Frame 9822 		0
0
362338.gif
idsync.rlcdn.com/ Frame 9822 		0
0
c.gif
c.bing.com/ Frame 9822 		0
0
1017
jadserve.postrelease.com/suid/ Frame 9822 		0
0
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame 0986 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
234071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:46:11 GMT
halis_r_400_normal.ttf
s0.2mdn.net/sadbundle/4709297047384098136/fonts/ Frame 5C3D 		54 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/fonts/halis_r_400_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/316e869831dfd3700fd73451b993790a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e92d29af4d84b8cf1e9988a032ed1ec1f5bb1542a2d00951bdf8835fdb4e4fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35630
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:10:42 GMT
sora_700_normal.ttf
s0.2mdn.net/sadbundle/4709297047384098136/fonts/ Frame 5C3D 		56 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/fonts/sora_700_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/316e869831dfd3700fd73451b993790a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
138eff238a16b6723cdb21ad585d1bf21cefc1dec75098248d969c738af7d18c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31836
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:10:42 GMT
edc1d808620d4e8be4f69b50507f2cf3.png
s0.2mdn.net/sadbundle/4709297047384098136/media/ Frame 5C3D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/media/edc1d808620d4e8be4f69b50507f2cf3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aaf48d2d9688c5b92c360067a99f88c9041b9f9a9261cfff346fc5426a6db98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 08 Aug 2022 07:08:46 GMT
x-content-type-options
nosniff
age
322716
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5849
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 07:08:46 GMT
f01f25d5cd78c546f4ec53037de1920d.jpg
s0.2mdn.net/sadbundle/4709297047384098136/media/ Frame 5C3D 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/media/f01f25d5cd78c546f4ec53037de1920d.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d90ffea8baa245bc7bf4b5885e044b5f321c95653893e75a6554e5821d4488bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:10:42 GMT
x-content-type-options
nosniff
age
63400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21350
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:10:42 GMT
5486d899ede6897c2d28733a01f715be.jpg
s0.2mdn.net/sadbundle/4709297047384098136/media/ Frame 5C3D 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/media/5486d899ede6897c2d28733a01f715be.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091bc02923ad7733a72ffafd4bd76c2570dfd08b0757265351e5b0fe88aedb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:10:42 GMT
x-content-type-options
nosniff
age
63400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25628
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:10:42 GMT
bef660026fe1d737e7461bc40ba384ee.jpg
s0.2mdn.net/sadbundle/4709297047384098136/media/ Frame 5C3D 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/media/bef660026fe1d737e7461bc40ba384ee.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23aee776a26d9ee064536ce60329620ce3ac6ce24cd3be4989b69091b5cead3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:10:42 GMT
x-content-type-options
nosniff
age
63400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24979
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Aug 2023 07:10:42 GMT
798594eccdc1fefd2cdc46db7b6f0db1.jpg
s0.2mdn.net/sadbundle/4709297047384098136/media/ Frame 5C3D 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/media/798594eccdc1fefd2cdc46db7b6f0db1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e896a9ce169c81f8d886ecf76bcda49010dccf1d2634bfce20d6ab972b48207
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 08 Aug 2022 07:08:46 GMT
x-content-type-options
nosniff
age
322716
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19381
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 07:08:46 GMT
51f51ee5baabb19d02f1eb7d49896fce.png
s0.2mdn.net/sadbundle/4709297047384098136/media/ Frame 5C3D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4709297047384098136/media/51f51ee5baabb19d02f1eb7d49896fce.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c8f58b1dfea9a0bce0a79ebfe3ab0c6ef501406c9d9726364b0f2eda79526a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4709297047384098136/index.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 08 Aug 2022 07:08:46 GMT
x-content-type-options
nosniff
age
322716
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2685
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 16:56:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 07:08:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2E7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSqjdGKP1YvTZNMnxowavnYGQDAAAAAA4AeAEAg&bg=!4-Cl4KTNAAa4hXTbmIU7ACkAdvg8Wp1Qz1vvAnTbdDbw_fy53E-ykMXj8soNTSaEcIE8lcmDu24HiAIAAAO2UgAAAAJoAQeZAtlbchMwuRck7HSzfr83OmNyKeK0fr8YR8Pdt09dwbvLih7HQmmVl4nQBytF0mrhmPyoJ8LYV3Sfdat9Rly0DGmXrvovRyliGRyw8y0-f3AjGQdQgDMuO_JUtSize2a2owduzLaFb_CEqtJorxKgZXrmLlrTWsdcEiJAtYuK9U_XeUuBBm7hQDKJlkZflkPUVtYW2A345mtZp-H0niC_5BwbyKlzlJYSCREkFY8WC_2Fzj5v2pt5H37YYHq7M8OjqRIPfPsusSvKVeTsGpYWEEEAJA8pOtVRGz4t8bHC4-GJpfMoR0r3LJLlLfGz9a48v9sR3MAsHCB9c0nPW_U5LTzMv_bk6KftRqyjO50WEaNggbbtaGaMNjfwFrOLVYGw69XrtxwGoQW5zhAx1cRbNUWXwDIILEcHRB0Z1aXRrceLKSZS6K2j9rOFgV0pSghllrmGuEPOVp4VClTk5py78zq6VnoHpfvFF1jzu9ITeDpgf9C9rHczM0QQyckDX9iBqa-LDBeuDCehG3m0Nx664rTNieUCc-q8pQcgAR29NhK3bQ258LlLVGq8Qgpj2SnP-BO_7qmZUNB69DbmEMT0xNj1lene5fsVq6j1hIKkEqIwzB6Y8PYAqe_acShugFFIoF1oAlxPm3Pz5UJ7GtnKoJdjonQjHrRgUEcqu-BwdPkAJggOBEMUkL7Dl4cWVrHFRRI3M4unEdpSGGIVQhUDbChr12LV-CqTExf3O8vV4vqSWyby0ViLuo5kUV7z5IA8STzh8CvVxG353pi_rHO67EnbZiSaOTaH9xsKc_GzMhHhYUDRNVbFjyGTrvWLF3i7ihuBQb5cFnQ_shK2VqC3yJN7bRFdnIklnZYBpS0deJdhW7igxOEQewawoReCvEYq_gkaHbZFmXFx7UPXII-sayF-pxDmzjlT3ssswcDhPo3LKJgXtrqqoJeTx_aL_Q0_JGTfJSMcuiJIjjA
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pix.us.criteo.net/img/ Frame C874 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400016315819_MULTICOLOR_486x648.jpg&v=3&w=400&s=aXE3a6DFppGIcOYXvxHH26np&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=E18F87ABDDA08D73&u=%7C37q5NLbdiZTxk%2FcEyc%2Fa7oNUBLxEjh7iKWskmnkiRcQ%3D%7C&c1=TUPLs6ok1Ig2KJNSe-b68yvzuHuRKtaWV8iy7QNBL8t6wwnb28rggpLn3F7vX-lNcGyZlB8FTbcev4reFVJTYyGjAC1mp4R7U8Vot-muNxrWz_oDZlQ94ckKvLQbOYndsWbO150N6_9IylyJM0MTaCuBmk_qjvkF2VL4OLQgjXyfy5O9iYJJHJOnHJGjQ0FRVSJ0lT6cZxDIQ8rHPFhSPikUkGq2Rbk5oHqSuTjATtv_CrgFKNxbXo-5VjcTK4hhMB24erY3h_2hzb89uIKQpNfBe2Mit6anRgE69tht1gnb3TmD3e5Qk2d0RjaoOiQrTw4S0CTt3_RLQ7LtzlKHpF3nWERLhzJ4iDCI-pe6FhMD7KXIzdpcD1vIY4KGZPjmZ9ts71PW8zQgA_Ng20F7wbM4KeJ73tkt6tzMJWSFgEauM9cZwtxATBo3gX4iabrwDVZOi3UNWyjRv3RM1Hl8TrT05l3yFR6FWAjG7FsTXeS3NqLycNcuyfa-R3nMjWAb5EQBBoTY2Pj_TCV6uDD80IZBvFUcOMwv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
pix.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f05a1e10b596ceed781ac97fea2ecdd9b3d84e3c0e7f6469368d6a7ddda6b4a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:22 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
11216
expires
Fri, 12 Aug 2022 00:47:22 GMT
sync
gum.criteo.com/ Frame 9822 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5598 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9NivWGNTZsPbMt26t7cgvS8JNpUHK88zwJ1z7ccNKcEt2kLZ2cekgNfj3zBwsryCZuEQNZNmNrmRFvjNTpzRb6HAJ2ggNbUFvTA4D29XiotnbUbx_3PIhoaFmL_czBzBqs8P4KrW0fFU1fIDPxrnS_v1RI1ECohC1x5oe4q4v_DwRrkPuexJ60zeJw28Z8Uij44nrlkcP04aQ8D7c1rZYyOT7XpIBZGms3XyyBlY03xssfM0aMZbnQxvDlDHbYzeawQELmJjjy0K6Zia0b-UxO-iY-_2p1F1SsoCwTLK7j_AZttHcKQVzkQwCc5af165pwvM-nWZhmd_wjWmJd9IKF-Lc5Q3j-7JH4WIaKFMh6qPQsbfP7d-lmK-Xac4gGUvgWgN6-Cdc9AGbw6xDGf6WCu_Z2dlv3w-nMlfKi3NEjlcmDPkbW0IJbkwL0YFeW2BfJ1NF-Ezs88xXk6AMrBCSA-arYO8LSB2VAdZOMgsIgRsUnfExKWSP3oeDVqxS-9Zd_aIJMczgGFc1ArA1gyNBqKo245t1HLSOGuOj00CKrtZbqpNDjSd53a-PUvX8JMEiwuCz4kzy1pJjdcWAwis5VACjOHTuOCld8WsD5ybHs8HnjSsYJMYEcxI5NduOiWidlKxQ86DHjDvdL8rlG2axIavg8LXPwPA1x-0bF6Ohu50InwAV9GiYTLhNgDYXk3Y3Q3gW72sPgel2tTWuLp1y-qEaaobldXrMqaqjZCYaGIOF6SXLskpKaMOEdGFNtRDHB0N65j6xVZkhuVhdcjHdk03dYx8zJJnzY9reZO72AM5HTIgAHZeGOJCEzd4eydNVYIDbUV0ft83CMvRXlxtjBrR1_tW-tLHoJanscvD7sQBXIw2Az5JiUyp-LaoBcNEQeeCdDtQJukwO_t6S-ClLFKDRZE8_BborHVlvJpqrW_kWsX12Gx2XiGmkoH92r1LekEsctyB23up31Cv0E-XYhyInwhWbuiGcFPNA3QMIxhJprgXGwoI6WpuuRefhWstSSyET2t0aaug451RYFZTEkA8nNSYLC32PHSKB7tlUpUI6mSWREHv1c_gaIW6Fi-N0eZkHls1x_sb9cRkPqgRJPRljbYho3Rg0hJyb5b8VX4Cii8c8jNAHf8OfUbQCNj1-csw62h6Lf8XH3u_AFrOrVUoo6QK_IMqrSVPlrxypggxYchSSrPt910kwX9Vv4zOmLaYXvh0G_h-k1_ZHWvES_Ae5RQYyR-ZrWJLTG5FPHEUJQhLw7n0a0Qz0DDReBOyJRiQbCD9XQanR65plMpF3yHf3_DdtsHS3PH57_Np3fuQ&sai=AMfl-YRyx6FLRsoD707b-PrHQqDHZbq7WpA7RW548kDgKROs1Bd7Z9_cZrAJsFPx6KLpsEb0DKKM-79zrGPqTz-N6ULiRva8mPEP0IcbIqxypVCE9dc2JKiRvp7Q7xFKzhuZpX2VjlYqepBsuHCTQuAB0xmrjdFt-mhOOeR8bW9GhIkZ0PsgX3LI96yJ2lqR_vZtQhtAAN5kp-Dx9n5e0UQX4LPx5zVgdgz3cQ&sig=Cg0ArKJSzP5epdskPQLdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1381&vt=11&dtpt=818&dett=3&cstd=557&cisv=r20220810.58805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 00:47:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
gum.criteo.com/ Frame 9822 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5598 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRADmNYDmRJ0Q9onx61G1hTqQJegN0PDMklLbOw8MTefmFndE9KCfAjhaZdPe2EEpesr5mKUNtqGVxdEw4zq7EvJOUnjY_vAWYFWTCErZICxtjcyEjreMzxCa2drpgmQ&sai=AMfl-YSHE5xTf8Y9XG-UMRClLXhQVC8Bla2bk5SqWnX_m1ZCP6fub1NgyKJ04vECbbVUnfi_bLGiKkWH61-CVM2SnMi8Qlw_RvVGqXOCDkjad7dXMMTHzxM6N4BRMekgYHu_&sig=Cg0ArKJSzI9HSOf7oXrJEAE&cid=CAASKORoV0gU4s1Sluzl4x4IdGLWvyvaoN3gpfi51DATSD4pCm51qGVNrz0&id=lidar2&mcvt=1024&p=832,488,1082,788&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=501369661&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660265241112&rpt=1049&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame 184C 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
public
date
Fri, 22 Jul 2022 10:22:10 GMT
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
server
nginx
age
1779913
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR52-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
PMQkfuk-ZOVI2Lv6_lCBJc84GX1JHJvJv-uE3ICn9tnMZC1e0oRetw==
expires
Sun, 21 Aug 2022 10:22:10 GMT
get
choices.trustarc.com/ Frame 184C 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
public
date
Mon, 25 Jul 2022 09:49:44 GMT
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
server
nginx
age
1522659
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR52-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
waO6xL-Vt2YptuPfV_AuBDY3Hx6ZszqIoxLvb3zKneIpP0l9rcyf2w==
expires
Wed, 24 Aug 2022 09:49:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0986 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BD4HwGaP1YuGmIc_ZowbAhyIAAAAAOAHgBAI&bg=!ZGelZyPNAAa4hXTbmIU7ACkAdvg8Wmhe1bb40ni0eNJpJATM3T9ELqNeCQqzt6gNlYmXQSEHAXeMHwIAAAGfUgAAAANoAQeZAv35lpw6AUU_-C1MuC5ZDbQoaOv0CoZm_6cPpl1ig5jV2tcZuZBJvnqLbo8ZYOKB7KY7_Wk7lVoUn74H32_sYGvX7EvQQuzwtOe6iJNqZKwGmYf3yvAnUuC0BRzEVS5ym2pHTvBWYMGo8LzCasXVgRTGtw3X8WRXEt3iS44cWnKQKhVHSjAFLaPFRWpwkXkv5qtHxvonoO0XOzn_UG-ERTg6TlQOlFf-jSglG1nY4K4B71z-bqHMyr0_JgvdD-sCUspWXakQL3G_tM6OOe_g-b-CaA7VWz9AYop_8suuKLswRqtxAk93vuTmAtS_swd_KbbDwQNGSseTifU9gVSJbVggg2kD8qTfn56P9vhhlmj7PRksuhctjjK6dffxfdQ1zbv-VSpZwKjvmWl9NkoZEd28CjhQWPtr_EddlanWbCx4xjEpN9XGIj5PP1_P7kTL3FlVGXsvdVt6vTVOYU2nSMqAdljnOLgfGqc4Hyd7RJ2awN7l9ElodbkQtrzY2x7OMZKj8e3ObxivxTVlTC8Plpvl_-lCN6LAw8er92EgqdMH_p08BVssfiKDJrnRpkCXWyZyQzEOIxSkQLgOim0YUoaNuEOTFpmlaMIl4gvJAlnpmwEKB-0m2N5GyucNerx73NhtWcFkP7jtcV2xSDR561190awucFygEkajkAX6B2kawiRRKRQqxu4qUeJ4YxtSFTMTEQByIhOz6luvnyqNoSrjWYW5FvV2W_bNI9uJQyszbMUrlsQXBeKGez3_tL4RbR4Xbo3CGpT2WpAkKuvlS5beE8WLiqbRMIE20uKZCJNQl3Q9yVZKQq7R92xGTJKnasfFzY-WSMifGhm3Mt4eYFwekIgU92p7Sc0UYcydGb01uUs9b5fh0R_8oPWoAQGNdYIeifcqsU2JyyfIv5qzbGePRNWbVDGH3_FbvHs8p_NcAmhE0DgfJCf7DRIYnyLMUK6NxgkSFFD7_YD4FLEedClhfS-SvziCdD8gnC8khkPd1krdbwhRG3VkVYJ7-_s
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4572 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoJoctjYR5PTobG0MJGDd3bIb87HRT3dWFPzjKpPdhEAR5C3FLGhmJq4dekOnLePbooLfcO35yIGTI47nqvlAadH2C&sig=Cg0ArKJSzJc8i9tOCG0MEAE&id=lidar2&mcvt=1000&p=169,640,349,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1516792440&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660265241415&rpt=1050&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.us.criteo.net/ Frame D1DD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=2vK31BJ9tOZLVpLv3v4HFRmMlCBvDRIJXU5jahKr8uOuN66LR39oHYVP5fBULIjgr8lL4QV7PJM-IjNlwHZW8J30RnuVrPLm1xAs31HEW0MXOOAPm5kBWnVhwJKeJCEGsbQp8zaNad_6tYZbSzfRzvh0_CAcSAX-Abg9248C2wwiQOnUa8DJvQEG1D2kjK6YeHxo3L7trC-UO992qfNaSDos973RX2vBouSP15dYxmX5j3RI5VB21VSbCJpULtiWow313yS8F1ZbudTd&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Aug 2022 00:47:23 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
ca
choices.trustarc.com/ Frame 5598 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=28122411&js=st_1&sz=1x1&c=te-d0b9
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=28122411&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
b3f059a10320009dbf773739fdb02787855b5401976b56d1ef61182834db2c2b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
EWR52-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
content-length
2136
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
NApSeR2vNgn0A95gagwbHC2alddLaPNwb9CfArFhftl14BnvHB5p7w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 5598 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=28122411&js=st_2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=28122411&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 11 Aug 2022 07:11:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63354
cross-origin-embedder-policy
unsafe-none
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
Ljbh3Vff5VoHr-tILnZjI52dVSWb6L9qImYbRRebsX-b8pAfS428mQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 5598 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=sojern02&pid=sojern01&cid=28122411&w=1&h=1&c=62c9
Requested by
Host: vov.vn
URL: https://vov.vn/the-gioi/ho-so/azerbaijan-tam-diem-chien-luoc-dau-khi-cua-my-trong-boi-canh-xung-dot-ukraine-post958448.vov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:23 GMT
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR52-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
UwKfU4EYXbKA-0nE3_cDkh4X7WFEiqauAu5cbKbdDK7QnTtg5WrnGA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
ad.yieldlab.net/ Frame 9822 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba0d2f917bdbd6aab3af59f6d173198050d93ca1dd3fcd33b051713cd88077fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 00:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11003
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 00:47:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9138 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
14937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 20:38:27 GMT
expires
Fri, 11 Aug 2023 20:38:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C698 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33ce37d3dbf835d583fbe3fbd41f3630787233cb7ecd8fee2d062337bc2fb65b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9zoWPLztnItaA6k8bTA2WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vov.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-9zoWPLztnItaA6k8bTA2WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 00:47:24 GMT
expires
Fri, 12 Aug 2022 00:47:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
get
choices.trustarc.com/ Frame 0A00 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=28122411&js=st_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
public
date
Fri, 22 Jul 2022 10:22:10 GMT
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
server
nginx
age
1779914
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR52-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
JwTb0LUNU-rqm_Tv8GNJRy35BUxL4hdap1m6mmC4vgba_mmYvKEr8g==
expires
Sun, 21 Aug 2022 10:22:10 GMT
get
choices.trustarc.com/ Frame 0A00 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=28122411&js=st_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-8.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
public
date
Mon, 25 Jul 2022 09:49:44 GMT
via
1.1 66114286e54efb82c700272100713f2e.cloudfront.net (CloudFront)
server
nginx
age
1522660
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR52-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
72uuvclsB33Rrlm5J-wizBHwk-_kJLS0L5RXUy3m_IJMc7i5VQU7LQ==
expires
Wed, 24 Aug 2022 09:49:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C698 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080801&jk=1502070190005198&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
pagead2.googlesyndication.com/bg/ Frame 9138 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
234073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14301
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:46:11 GMT
generate_204
tpc.googlesyndication.com/ Frame 9138 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jIUyCA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 12 Aug 2022 00:47:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080801&jk=1502070190005198&bg=!jo2ljcnNAAa4hXTbmIU7ACkAdvg8Wji-6JWBpbH12JrGvrxo2-weRUXokRDIdUOj6nPvWe7yP4PI7QIAAACQUgAAAANoAQcKAE-8ITNAhYW_Goeow3FC2E5TEm7LbQRogoAQh2-htYwuaocv3Iu6hS4hGoW9PFWzurXnmO_wxg9l8KyuKMUBIOdAV1JUvzqSo4i31kh_ejIbmQKStw05q_nweLdAb113pygksOI-V1tAat_CZesr3d0fmptcSTfkfM9c4KbXq_znS5poM5fiMqjN6v85LL5peM6EUS9oDIpB59Tm8CNzoYnSUJKQkAMeXzmkYYTVK_5nXW-GT7LJfAwFam7cQEd034GxjdQi2VFOivdcD5nw3xcPPi4-ssFEOU2grRIKdxcprDF5syjwHrUiajvK99E-gL6qVTwVDVUY-sqqHikzuyvVO47MpXs-QYMM70SCUJ8oiiWucmpGCHXpgzyLbhK8ppmT6LDwM9syrtgy4IRbUAVKeYEJPzGtC61KKMCQyyKk69f4SRhyt24c19cXdrf5FxQmE1oASAzbDEgadyuY-FGaHRIMx9g2zWqi0ldu2jpezFggy4gNzpd3z5Eb7oH5xz8hPH4_sCLtI4DQYkzKij5SEDEZIBoViTi8S24imQFP4rHD8t3YZgq6pF_QYGwhUuIqWweDKdAKqglGFTQJdIiuWhQUeFc9_zuk7lO3Xxeyp8gccFlcDBraHOMnRAqYxksY4yHJxWkSLHgNBDog0ESaV5uIEC3D-bcO3JJqVHTmplwSkLnwzItK8RpPXbA2u46GZVKCj4uCX8M_CpJZnFlWxCKYCJhDaSi5xPJP_FLEidfx4TFgWlRl8vZ_I29v6PJdsDjLji3Ys9h1Wdl2wixRMcTwigm26HavNOJ1cdtOPIYBCY2jmKc_-5FDJ93o_nnv0ixITyuGgF1ZyEmMmpiX2UwrjPPr8MXlU2YHQK7goHJk9uzw9o_4RNChIsvDJEgZPy7XDbOFgnYgHUI2PcpNmjp_qvYOKgsPF2Wr-ZPotwA4sZBIKxs5CX32JuBxuI61WgHSS_ubj14JnRa8P6yzjXozdg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vov.vn/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers
all
csm.us.criteo.net/ Frame D1DD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=2vK31BJ9tOZLVpLv3v4HFRmMlCBvDRIJXU5jahKr8uOuN66LR39oHYVP5fBULIjgr8lL4QV7PJM-IjNlwHZW8J30RnuVrPLm1xAs31HEW0MXOOAPm5kBWnVhwJKeJCEGsbQp8zaNad_6tYZbSzfRzvh0_CAcSAX-Abg9248C2wwiQOnUa8DJvQEG1D2kjK6YeHxo3L7trC-UO992qfNaSDos973RX2vBouSP15dYxmX5j3RI5VB21VSbCJpULtiWow313yS8F1ZbudTd&sds=2&rev=82415&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YvWjGAAO6pYAsxmNAAVoxR3eoZc2FLig6dttMg&u=%7C2bGmJe%2Bop%2B%2BZk6xaf%2BvEz177Ikj3PvdDlpf%2F5EnjLR0%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOgZOKQZuQnU9m_8DT4lzNfokLO7S6kNKBxT122rM37Vf711c_JmJ8BouhKC4mFt62QL417YE83AQaIsB_Sv-j4N0X2v77bIz65ZXdbfueAPLOxOFB5pE2B5Gw7S39sUmvixBaf0qBGfw_7iOQobk4F_6xBgoN06S2Pjl9qUB8a_C0yDLTle6G2IGPC-hpFjQcPKt3b8Thqh0l6HqXag60wVyb3FbRsT7ElPefVf06jO7ksa34SpZw8rf7iwlmq-oPsZ2ulBTKfOiOO65sf_ga8uTvpByjOHRd8K9P9ZgUI5GGWwCP7f-i7frzPvuhFWQhqn0AJPfTk5dmhv8KeVQyjLDMWVMoZdExEMjKDD2rsDS2JUFBj68JUSMS_fyIRFjiRG4aVUq1ZmjaGcc8l2_OR-TroGHTO9GSHD6XUfEgxI299aO7RF5ut_TXpoSspRzMCPLAtXukBhrORFAu_rAc2g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCydnhGKP1YpbVO42zzLUPxdGVkAKcge-wXJKat4ynAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODGgAazd_ugDyAEJ4AIAqAMBqgSKA0_QNuLPRRnYzA0Hm4nnvutJ3dBJf00QPAONIcmc1whkGar1ZONxVqoGd43j1v1TvKbed3PbrN_Au6gITVkDvDR4kc7Hq59Utw5EuLnZTDCP147nM27ioi1HD6vO_qsAwT2CPsrCC2N_-CwFZwVH9DhiE0RS9m1fOO9QsROi_WFqA1Sv4_F8bfYI3qTXu5aIG9T-XKNuQxlHolvvURQjbmI3YpTShSWrA4Zs3d_SPdjLGVsuoohb5ew-cQ5eEV1BfqS_oc2iInRjMndg-WUT9a7pg8RzWzJd8wYp1ANJH6r4ulQU-8xVlpDV4CTn1rTdM8nm4F0ebNG1VUdubxtUT70ZnjxaEPQc_rqqARrQfgCGIh0oFQdznlKBDSn09yqp1a09IMB8OcgX_6fwAcILeoS8kXaxlr3hSWlm9YWNIagKqHfIx7n7iME5sWuYPK9cfU3zXXQeh9uKf0XqENe6FQdV5lv7hZ6AIdJLT8nv_IZELSxeEcf1gOv18TSZF8coCOv7qpuGfVMZns7gBAGABuWFhIXq4qGu5AGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggOCIhhEAEyA4qCAToCgEDyCBthZHgtc3Vic3luLTI1MjY5MDM0MzMzMzI0MDj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2uU8V_wx-Rbgzd6WFRrIUUwmoUEw%26client%3Dca-pub-9058291854443881%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 12 Aug 2022 00:47:29 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
dc_oe=ChMIoZfS_4nA-QIVz-zICh3AgwgAEAAYACCeyJpTQhMInNKW_4nA-QIV7MvjBx1x8wAM;met=1;&timestamp=1660265253141;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5598 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoZfS_4nA-QIVz-zICh3AgwgAEAAYACCeyJpTQhMInNKW_4nA-QIV7MvjBx1x8wAM;met=1;&timestamp=1660265253141;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 00:47:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ps.eyeota.net
URL
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k--GZDgq2BgMou1tZZN2gaRWG1bxkymt-cYK5SqA&expires=30
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
Domain
partner.mediawallahscript.com
URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-kxR4_62BgMou1tZZN2gaRWG1bxlf7EBsNCvSSA&custom=&tag_format=img&tag_action=sync&custom=&cb=2c389abf-380d-40b1-a806-323569947267
Domain
ih.adscale.de
URL
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-Lr_Rqa2BgMou1tZZN2gaRWG1bxkdSBc9LlnIdw&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
Domain
r.casalemedia.com
URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-4dlZuK2BgMou1tZZN2gaRWG1bxlYftNs0YjWnA
Domain
ad.360yield.com
URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-9_U6862BgMou1tZZN2gaRWG1bxlPJX19EEMSxw
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-xgVfw62BgMou1tZZN2gaRWG1bxlC-PyxThkaDQ
Domain
exchange.mediavine.com
URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-HmBiKa2BgMou1tZZN2gaRWG1bxkaNNM1vzwvQQ
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-j6Halq2BgMou1tZZN2gaRWG1bxnMmd8h5IL4Qw
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-IaIunq2BgMou1tZZN2gaRWG1bxkb5E115pVASg
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-BQU2d62BgMou1tZZN2gaRWG1bxmthMC7PKRBDQ&expires=30
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-bNVC3q2BgMou1tZZN2gaRWG1bxk6xTfThj3Dkg
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-v_6Wwa2BgMou1tZZN2gaRWG1bxmCrMLS20lS5A
Domain
sync-t1.taboola.com
URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-G_teD62BgMou1tZZN2gaRWG1bxnmyvPGawuqKw
Domain
criteo-sync.teads.tv
URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-BKy4iq2BgMou1tZZN2gaRWG1bxmpwMFGoeDOKg
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-P8K0L62BgMou1tZZN2gaRWG1bxlHD9kMloeBOw&dongle=013b
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-dxsDFa2BgMou1tZZN2gaRWG1bxl5qSIZmccuXw
Domain
ad.yieldlab.net
URL
https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-wf00xK2BgMou1tZZN2gaRWG1bxn884yeHO60QQ
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-q7CEga2BgMou1tZZN2gaRWG1bxkebcXuvaHa6g
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k--rS9k62BgMou1tZZN2gaRWG1bxlxp--TtNJt3A
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-PubMJq2BgMou1tZZN2gaRWG1bxkd1Nw4LCfycQ
Domain
matching.ivitrack.com
URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-ap76-62BgMou1tZZN2gaRWG1bxm2vBoYdxKf-Q
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k--6l9Y62BgMou1tZZN2gaRWG1bxnuuFehA8eESA
Domain
c.bing.com
URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-vZsQ562BgMou1tZZN2gaRWG1bxnaolPKozYGwA
Domain
jadserve.postrelease.com
URL
https://jadserve.postrelease.com/suid/1017?vk=k-1lc8Oa2BgMou1tZZN2gaRWG1bxlSSDASNCZwkQ
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
Domain
ad.yieldlab.net
URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-wf00xK2BgMou1tZZN2gaRWG1bxn884yeHO60QQ

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer function| $ function| jQuery function| openInChrome function| isAndroid object| googletag object| sas object| adloox_pubint object| anymindTS function| startAnymindTS object| PWT object| atspbjs function| get object| __core-js_shared__ object| Base64 object| ZaloSocialSDK object| _zap object| CryptoJS object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal object| atspbjsChunk object| _pbjsGlobals function| _toConsumableArray function| domready object| drupalSettings object| drupalTranslations object| Drupal object| picturefillCFG function| picturefill number| uidEvent object| bootstrap function| Chart string| vovAccountLoginUrl object| gaplugins object| gaData string| txt function| postscribe number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent boolean| sas_blockAddtlConsent object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode function| owpbjsChunk object| owpbjs object| ucTag object| OWT boolean| ptmTrackedUser object| PSTNativeSDK object| ggeac object| google_js_reporting_queue function| setCookie function| getCookie function| createGeoRestrictionCookie object| PushtimizeSDK string| _za_version object| ZA boolean| R boolean| O boolean| z_tpv_ undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| AdSlotCollection boolean| __isGoogleAllowed object| pbjs325474 object| pbjs325474Chunk object| ADAGIO object| regeneratorRuntime object| ox_esp object| pbjs function| lotameIsCompatible function| sync16589_c function| sync16589_d undefined| sync16589_e undefined| sync16589_f undefined| sync16589_g function| sync16589_h object| sync16589_j function| sync16589_k function| sync16589_l object| sync16589_ object| sync16589_la function| sync16589_a function| sync16589_b function| sync16589_i function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_aa function| sync16589_q function| sync16589_r function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_ba function| sync16589_ca function| sync16589_v function| sync16589_da function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_ea function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_fa function| sync16589_J function| sync16589_K function| sync16589_ga function| sync16589_ha function| sync16589_L function| sync16589_M function| sync16589_ia function| sync16589_ja function| sync16589_ka function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Z function| sync16589_Y function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_4 function| sync16589_5 function| sync16589_ma function| sync16589_3 function| sync16589_7 function| sync16589_6 function| sync16589_na function| sync16589_8 function| sync16589_oa function| sync16589_9 function| sync16589_pa function| sync16589_$ function| sync16589_qa object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_126 object| Criteo object| Criteo_identitytag_126 function| __esp_getUID2Async object| __uid2 object| GoogleGcLKhOms object| google_image_requests

112 Cookies

Domain/Path Name / Value
vov.vn/ Name: vovnews
Value: 302745fb96244001f625c2120446ef5f
.vov.vn/ Name: _ga_R0R7MNMHTC
Value: GS1.1.1660265238.1.0.1660265238.60
.vov.vn/ Name: _ga_9VC6FCZGVJ
Value: GS1.1.1660265238.1.0.1660265238.60
.vov.vn/ Name: _ga_VQWXBHQSVE
Value: GS1.1.1660265238.1.0.1660265238.60
.vov.vn/ Name: _ga
Value: GA1.2.1875797282.1660265238
.vov.vn/ Name: _gid
Value: GA1.2.1858486193.1660265239
.vov.vn/ Name: _gat_gtag_UA_309591_8
Value: 1
.vov.vn/ Name: _gat_gtag_UA_172506091_1
Value: 1
.aj1559.online/ Name: UUID
Value: f9a1da6a-084a-5014-a2fd-19aa1dbb8884
.facebook.com/ Name: fr
Value: 0WsE7R1XMweOvT5OK..Bi9aMW...1.0.Bi9aMW.
.vov.vn/ Name: _pubcid
Value: 28888a74-265d-43ee-a5ad-2ca3beb71829
.aj1559.online/ Name: ucv
Value: 509-US-1660351639110-24--
vov.vn/ Name: __oagr
Value: true
.id5-sync.com/ Name: id5
Value: d19fccb8-2223-4f16-b59d-c3290d26efc1#1660265239419#2
.id5-sync.com/ Name: callback
Value:
.smartadserver.com/ Name: pid
Value: 6887161019344777123
.smartadserver.com/ Name: TestIfCookieP
Value: ok
vov.vn/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.vov.vn/ Name: _sharedID
Value: 3bb12b69-74d3-4975-9542-9d70c298413b
vov.vn/ Name: XSRF-TOKEN
Value: eyJpdiI6IjJqM3lLeXVtNG5UU3pxTTV1WkpGUEE9PSIsInZhbHVlIjoicEtNeWUzMTBjMjV4cGg2T2s3OGJBOWFadXJnOVRzT1dFbEFBTnVObmYwQzRJYzVPdmZKR2tOa3dTd2YxUnNaeDVxZ29IbU5mSmZmb3k5WXJBWmZ1UkNVUmZuTHVYTThqZ005VjQvZDg3ZWcvbjB5Ylo2Y2puRnZ2S2Q3UGhWQVEiLCJtYWMiOiI0ZWExZmI2YjFlOTdmMzFjMTFlY2Q3NTQwMTdmM2ZjOTFhYTA5MjQzNTA5NWFmMWIzYjk4MmM5ZDQ4NjZiNzUwIn0%3D
vov.vn/ Name: bao_dien_tu_vov_session
Value: eyJpdiI6IkxDMkhaNkhmK0hJbUEyNWd0aVMvZkE9PSIsInZhbHVlIjoicmtiVHdRd2N5bzNXMkh1aS9sdlBjNW1HZzRFemgrblVya1kxbXZxa1BPWkc4a3J3NHFSbUxjL1pPemoxWnNlL1F2QTRMaDFKU0JtM0R6TExDRzJsaFZQbUtpR1pEM1ErUFRqL0JRNzVsQTVjNUE3ejZ0NCtuV3N3bERmMGk4WjEiLCJtYWMiOiJkYTk2YTUwZGNhZGY5MmZiNmNlNzMwZjUxM2FiM2I4MWU4ZWRkMjFmYWM1M2NkMzY5MjYwYjMzNjMyY2E3MTI5In0%3D
.adnxs.com/ Name: uuid2
Value: 7186466054594036066
.zalo.me/ Name: __zi
Value: 2000.V8NuhfuC0O0wsBsfdmuEWJdQzwoR2qA2ETdrgfqDI8y.1
.vov.vn/ Name: __zi
Value: 2000.SSZzejyD3j4znFsZYmzQptFAvU7N7L3HOOZtzyKI3jbXnhBmn101s6B4-FN05KtROiVwyyOJHzO.1
.openx.net/ Name: i
Value: 808cde3f-db8e-4b22-b75f-41f4e2a150a2|1660265240
.doubleclick.net/ Name: IDE
Value: AHWqTUkRnylUIysdqktYAOjAepSMZajREU0wQnSoGT0p2daD5buKe28zb_tnBg7-wSY
.openx.net/ Name: pd
Value: v2|1660265240|vMgakWgyiK
.mathtag.com/ Name: uuid
Value: b31562f5-a319-4300-b731-d61b689c0963
.adasiaholdings.com/ Name: TestIfCookie
Value: ok
.adasiaholdings.com/ Name: TestIfCookieP
Value: ok
media.vov.vn/ Name: ff2dc2da0eeba9fc31882deab663ef30
Value: cf85063df52f1cde73db93a3d90a7f6a
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: c6956adb94bb1eb657e0d3a318e3149a
.casalemedia.com/ Name: CMID
Value: YvWjGXEaGrshXuHbOhvpzwAA
.casalemedia.com/ Name: CMPS
Value: 102
.casalemedia.com/ Name: CMPRO
Value: 102
sp.zalo.me/ Name: zshare_data
Value: eyJ1cmwiOiJodHRwczovL3Zvdi52bi90aGUtZ2lvaS9oby1zby9hemVyYmFpamFuLXRhbS1kaWVtLWNoaWVuLWx1b2MtZGF1LWtoaS1jdWEtbXktdHJvbmctYm9pLWNhbmgteHVuZy1kb3QtdWtyYWluZS1wb3N0OTU4NDQ4LnZvdiJ9
sp.zalo.me/ Name: zshare_oa
Value: undefined
sp.zalo.me/ Name: zclient_version
Value: 2
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvWjGQAFwv6fIQBC
.criteo.com/ Name: uid
Value: ab5a9e8e-831f-4809-8cff-5114f87d08e9
.vov.vn/ Name: _cc_id
Value: c6956adb94bb1eb657e0d3a318e3149a
.vov.vn/ Name: panoramaId_expiry
Value: 1660870041152
.vov.vn/ Name: panoramaId
Value: a6711a9d4b362f987a6e9bedaaff16d53938882906746a561997ca75de6d045c
.yahoo.com/ Name: A3
Value: d=AQABBBmj9WICELn9fyA3-DjEZAvxyFNccvkFEgEBAQH09mL_YgAAAAAA_eMAAA&S=AQAAAuHpOiByEZ85mSrnAxpG4rg
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GUfFG4!i!@wnfH8K6pQK`!5=E<*L5?%K15+:29:.[ZE3M<`5ZrS+ceU32VC][%%G]cwc*bpRz*qF1`*b^A%)vKA+
.adsrvr.org/ Name: TDID
Value: 3d22c16a-ce31-46f0-ba9c-0283881e2ab7
.vov.vn/ Name: __gads
Value: ID=ce9a5568348d06c7-22bdede11eb40002:T=1660265239:S=ALNI_MaCjjJP1ixdsL7V0kPudMsCxNiG1g
.vov.vn/ Name: __gpi
Value: UID=000006edd1567f60:T=1660265239:RT=1660265239:S=ALNI_MY7X5EkfoL9SexZ_WqhrwR6-NMN7Q
vov.vn/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%22fda21313-341d-4d28-a07e-157a64c4ed94%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-12T00%3A47%3A21%22%7D
.openx.net/ Name: univ_id
Value: 537072971|3d22c16a-ce31-46f0-ba9c-0283881e2ab7|1660265241626590
.rubiconproject.com/ Name: khaos
Value: L6PR22KS-S-9986
.adasiaholdings.com/ Name: pbw
Value: %24b%3d16920%3b%24o%3d23110%3b%24sw%3d1600%3b%24sh%3d1200
.adasiaholdings.com/ Name: vs
Value: 272915=5054447
.adasiaholdings.com/ Name: pid
Value: 4439413278513721288
.adasiaholdings.com/ Name: sasd2
Value: q=%24qc%3D1311284246%3B%24ql%3DHigh%3B%24qpc%3D33144%3B%24qt%3D152_581_33100t%3B%24dma%3D528&c=1&l=-2054882845&lo=1090010158&lt=637958620416199770&o=1
.adasiaholdings.com/ Name: sasd
Value: %24qc%3D1311284246%3B%24ql%3DHigh%3B%24qpc%3D33144%3B%24qt%3D152_581_33100t%3B%24dma%3D528
.trackpush.com/ Name: _ud
Value: 62f5a3173ea0c1dbf86f9140
.adasiaholdings.com/ Name: Trk0
Value: Value=1492332&Creation=12%2f08%2f2022+00%3a47%3a21
.bidr.io/ Name: bito
Value: AAARd07F60YAAA99VNYjCQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCLzp1IDIgf46EAUYBSACKAIyCwjQw_Sj3oH-OhAFOAE.
.vov.vn/ Name: cto_bundle
Value: u_Oud19mNDlGb3U5TTBYZHVZTnR0dFBFUnM1SkhiZjdaaTRYbllEZHRvcmlGU3J2VSUyRmZ0Wmo4OThCdWJiVkZQMlJRWFpnZHNVTXZWRUduZ0dhNWZvZzVFQ3Zka2hwWXVXNmJsQWpXQWdjUkRKWGFvcTdwTm9DSVlQTW4lMkJaS2ZNVlZ5OTU5dHNjWmJCbWJPa3g5Q3FsN2g3SzhnJTNEJTNE
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.rlcdn.com/ Name: pxrc
Value: CJrG1pcGEgYIkLwrEAA=
.agkn.com/ Name: u
Value: C|0AAAqiF-aKohfmgAAAAAA
.agkn.com/ Name: ab
Value: 0001%3AYlgo0Ey7wNiPzw%2F%2B8auBT9sr52q%2BljwW
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&57c8b025-1353-4d6b-8be6-53bf1b04b421"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2678:u=1:x=1:i=1660265242:t=1660351642:v=2:sig=AQEkgf1aHCdwwJAP65lpqIsqFRpCtdT5"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-IaIunq2BgMou1tZZN2gaRWG1bxkb5E115pVASg&KRTB&23144-uid:k-IaIunq2BgMou1tZZN2gaRWG1bxkb5E115pVASg&KRTB&23286-uid:k-IaIunq2BgMou1tZZN2gaRWG1bxkb5E115pVASg&KRTB&23287-uid:k-IaIunq2BgMou1tZZN2gaRWG1bxkb5E115pVASg
.pubmatic.com/ Name: PugT
Value: 1660265243
.adform.net/ Name: uid
Value: 4031305998091369521
.casalemedia.com/ Name: CMTS
Value: 569
.smartadserver.com/ Name: csync
Value: 79:k-v_6Wwa2BgMou1tZZN2gaRWG1bxmCrMLS20lS5A|111:ID5-ZHMOFnirRCHVh0Rre7s39FKNA_DTu9SyLsFI__c1vA
.amazon-adsystem.com/ Name: ad-id
Value: A2lJtYUvy0DRs1T9lTK1NYg
.360yield.com/ Name: tuuid
Value: d087fe4e-c691-4c8a-8130-f4e8e59f14e0
.360yield.com/ Name: tuuid_lu
Value: 1660265243
.sharethrough.com/ Name: stx_user_id
Value: 3a68f371-a75b-4d01-a238-763ca02fa4fa
.bidswitch.net/ Name: tuuid
Value: 8bad396c-0f84-4a13-a712-70d58596bd3a
.bidswitch.net/ Name: c
Value: 1660265243
.bidswitch.net/ Name: tuuid_lu
Value: 1660265243
.media.net/ Name: visitor-id
Value: 3032668431523881000V10
.media.net/ Name: data-c-ts
Value: 1660265243
.media.net/ Name: data-c
Value: k-xgVfw62BgMou1tZZN2gaRWG1bxlC-PyxThkaDQ~~3
.taboola.com/ Name: t_gid
Value: bea9f98d-665c-4be6-b79d-669719e38a73-tuct9ef289b
.adscale.de/ Name: uu
Value: d4420e06667c4b52bed013c044e981c6
.adscale.de/ Name: cct
Value: 1660265243379
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22542da020-19d8-11ed-859b-53fe2a64183c%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%22542da020-19d8-11ed-859b-53fe2a64183c%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-HmBiKa2BgMou1tZZN2gaRWG1bxkaNNM1vzwvQQ%22%2C%22version%22%3A%22criteo%22%7D
.rubiconproject.com/ Name: audit
Value: 1|3F04pPTuHSdWLD2WyxsqIWoDETJMNUhHoBFGG9KmL388fCYmOTvXgyxoWgdvRKLcHBMTh3Ft4KOSvQYf+1wo+hu+wyJJwuUpJrkl/Ijuw2ZSutZwnyYshtAPlTu0R9RN
.rlcdn.com/ Name: rlas3
Value: rsguCLhE1ixZDUdf2zsFFQOV2mL7LMNflow1o9ujN5s=
.3lift.com/ Name: tluid
Value: 1146391568763049938519
.id5-sync.com/ Name: 3pi
Value: 2#1660265240535#149402938#7186466054594036066|3#1660265241102#-673465593#b31562f5-a319-4300-b731-d61b689c0963|102#1660265239962#348352289|264#1660265241636#1342220962#3d22c16a-ce31-46f0-ba9c-0283881e2ab7|104#1660265243526#48#0|10#1660265243214#936614604#4031305998091369521|155#1660265242439#7394597#AAARd07F60YAAA99VNYjCQ
.bing.com/ Name: MUID
Value: 20264EF53AD566B4192E5F0B3BB967C4
.c.bing.com/ Name: MR
Value: 0
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~26jc
.postrelease.com/ Name: visitor
Value: 0ce32cdd-c1ec-422f-bc5d-499374688c22
.postrelease.com/ Name: status
Value: 0
.omnitagjs.com/ Name: ayl_visitor
Value: 7c7641193156f66edfde40e1fc0a5a35
.teads.tv/ Name: tt_viewer
Value: b55ba1c1-5c62-49f7-8eb9-8601552d6ddf
.eyeota.net/ Name: mako_uid
Value: 1828f852579-659d0000010a4e29
.eyeota.net/ Name: SERVERID
Value: 20009~DM
.yieldlab.net/ Name: id
Value: c5cc8041-9163-41ea-8eca-761bc7661f3f
.socdm.com/ Name: SOC
Value: YvWjHMCo5sIAAJjJy7YAAAAA

31 Console Messages

Source Level URL
Text
other warning URL: https://f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-IaIunq2BgMou1tZZN2gaRWG1bxkb5E115pVASg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-4dlZuK2BgMou1tZZN2gaRWG1bxlYftNs0YjWnA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-v_6Wwa2BgMou1tZZN2gaRWG1bxmCrMLS20lS5A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-BQU2d62BgMou1tZZN2gaRWG1bxmthMC7PKRBDQ&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-9_U6862BgMou1tZZN2gaRWG1bxlPJX19EEMSxw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-bNVC3q2BgMou1tZZN2gaRWG1bxk6xTfThj3Dkg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k--GZDgq2BgMou1tZZN2gaRWG1bxkymt-cYK5SqA&expires=30
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-xgVfw62BgMou1tZZN2gaRWG1bxlC-PyxThkaDQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-G_teD62BgMou1tZZN2gaRWG1bxnmyvPGawuqKw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-j6Halq2BgMou1tZZN2gaRWG1bxnMmd8h5IL4Qw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-Lr_Rqa2BgMou1tZZN2gaRWG1bxkdSBc9LlnIdw&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-HmBiKa2BgMou1tZZN2gaRWG1bxkaNNM1vzwvQQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k--6l9Y62BgMou1tZZN2gaRWG1bxnuuFehA8eESA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-kxR4_62BgMou1tZZN2gaRWG1bxlf7EBsNCvSSA&custom=&tag_format=img&tag_action=sync&custom=&cb=2c389abf-380d-40b1-a806-323569947267
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-P8K0L62BgMou1tZZN2gaRWG1bxlHD9kMloeBOw&dongle=013b
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-vZsQ562BgMou1tZZN2gaRWG1bxnaolPKozYGwA
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-dxsDFa2BgMou1tZZN2gaRWG1bxl5qSIZmccuXw
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://jadserve.postrelease.com/suid/1017?vk=k-1lc8Oa2BgMou1tZZN2gaRWG1bxlSSDASNCZwkQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k--rS9k62BgMou1tZZN2gaRWG1bxlxp--TtNJt3A
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-BKy4iq2BgMou1tZZN2gaRWG1bxmpwMFGoeDOKg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-ap76-62BgMou1tZZN2gaRWG1bxm2vBoYdxKf-Q
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-wf00xK2BgMou1tZZN2gaRWG1bxn884yeHO60QQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-q7CEga2BgMou1tZZN2gaRWG1bxkebcXuvaHa6g
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F0%2F9.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-PubMJq2BgMou1tZZN2gaRWG1bxkd1Nw4LCfycQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network error URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-wf00xK2BgMou1tZZN2gaRWG1bxn884yeHO60QQ
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.360yield.com
ad.yieldlab.net
ade.googlesyndication.com
adnetwork.adasiaholdings.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.criteo.com
adservice.google.com
aj1559.online
ajax.googleapis.com
analytics.google.com
anymind360.com
api.trackpush.com
bcp.crwdcntrl.net
beacon.sojern.com
button-share.zalo.me
c.bing.com
cat.va.us.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdnjs.cloudflare.com
ced.sascdn.com
choices.trustarc.com
choices.truste.com
client.trackpush.com
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
contextual.media.net
countervov.emitech.vn
criteo-sync.teads.tv
csm.us.criteo.net
d.agkn.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
f7623173cd201968d42f66cbe97bc386.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
jadserve.postrelease.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
media.vov.vn
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.mediawallahscript.com
pix.us.criteo.net
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prod.uidapi.com
ps.eyeota.net
px.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.va.us.criteo.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
sp.zalo.me
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.outbrain.com
tags.crwdcntrl.net
tg.socdm.com
tinnhiemmang.vn
token.rubiconproject.com
tpc.googlesyndication.com
ui-avatars.com
ups.analytics.yahoo.com
us-u.openx.net
user.trackpush.com
visitor.omnitagjs.com
vov.vn
widget.va.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
za.zalo.me
za.zdn.vn
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
c.bing.com
contextual.media.net
criteo-sync.teads.tv
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
ih.adscale.de
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
partner.mediawallahscript.com
pixel.rubiconproject.com
ps.eyeota.net
r.casalemedia.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
sync-t1.taboola.com
sync.outbrain.com
tg.socdm.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
x.bidswitch.net
104.18.18.126
107.178.244.119
113.164.27.165
113.164.27.169
120.138.69.5
13.33.60.8
141.95.98.66
142.250.65.162
142.250.80.66
142.250.80.98
142.251.40.162
143.204.146.36
143.204.146.97
15.197.193.217
151.101.130.49
157.245.193.86
18.225.2.19
2001:4860:4802:34::181
212.124.124.8
23.106.127.48
23.215.130.57
23.73.244.44
2600:1f18:4e9:5a02:6caa:c6ef:9a61:2678
2600:9000:202c:5e00:6:b871:4f00:93a1
2600:9000:202c:fc00:11:a4de:2580:93a1
2600:9000:2140:1200:1:a3fa:7cc0:93a1
2600:9000:2140:a600:19:fc2c:a140:93a1
2606:4700:10::6816:3456
2606:4700:20::ac43:4b78
2606:4700:3033::6815:2c03
2606:4700:3037::6815:5492
2606:4700::6810:5614
2606:4700::6811:190e
2607:f8b0:4004:c09::9d
2607:f8b0:4006:807::2006
2607:f8b0:4006:809::2008
2607:f8b0:4006:80b::2002
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2003
2620:100:a001::24
2620:100:a001::3
2620:100:a001::c
2620:1ec:21::14
2a02:2638::3
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::645
34.102.146.192
34.120.135.53
34.98.64.218
35.190.60.146
35.244.159.8
49.213.114.132
49.213.114.149
52.46.151.131
54.200.17.135
54.221.252.20
54.239.38.253
68.67.160.24
69.173.151.100
69.192.109.53
74.119.119.137
74.119.119.139
74.119.119.147
74.119.119.149
74.119.119.150
00092b0d6e5aa54f1314d7898a272f74df9a427b8761d94c21d31578376422c0
02e7f29c695147a6fcc6d20350674e4256ad448a80a5864668f52428e47579df
05aed07cc2a3c9ebe2bf2634c7524a0bca04f6a254d5430e51a3e95b8e34ad82
08160b2fae845f7711922ce4d5b650749d42d3ae2ee6293aebddaffd073026eb
08b86397e087dba0f354e4279d8e957549335a8384cbb11e9381128f23ae40cd
091bc02923ad7733a72ffafd4bd76c2570dfd08b0757265351e5b0fe88aedb00
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
094b946adc39ade08f6d927ea066c8fef3ba6ee5c12919873172315ef7428e92
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09f6c540cd8cf2cf4369dd646e360e739c249381dac861f09a969666e4e5521e
0a33d6ab75f6282378f5009e2c25a6c4690d93d57f265eab8a73c1b8c303afee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d4f6e28cf855271fabcd5fccb24e71ef842e3ffa3c33795d9ddd9d3a1e3a46b
0e896a9ce169c81f8d886ecf76bcda49010dccf1d2634bfce20d6ab972b48207
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e452924943513493a66c2c1b0e5b164299c249107199b1892dae689c51b860
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13130f2c1739d29b57a8a37d990f3f3771ca3a48f04ce2075210ba786f9829a0
138eff238a16b6723cdb21ad585d1bf21cefc1dec75098248d969c738af7d18c
1397086e5f05778b21d202ada07928f84fe1414e07723bd56399759302c009a8
1442ced39052938f4c9efda468770d373f8a5a3c8827763c652a9cb40400b63a
16b4c4ae30c6809bf7f077dd66b809c0087d5776694150785f79ab9df83a7b5a
179d24471f149868157b3b0ab265d6cc20c30f0e395d84dc1ca558185d6776ad
1f0d7a00a828fe1f8853436d4c8881a2e4d40f7a9bb3311c0b2111776b8a73f4
20edc379e39d60fe077b2cffad678c37686f5a2984cda7cb0ad424232484b67d
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
23c485d96b9f384454774e7005a86bf3a5648a04909714e6ee383abab7d61706
24450ce9779c59ea2b478c9d457988c98a3b21b9a6d3f09834d1dc053a9c025e
24e1357326ece12aba01dd718a9b7af4f14d6e259ff0ddc22c6af015e62cffe8
283c6e49992d2a00cc6e9eb88668b65be994b1c6e907dc561854869c21fa8251
28a10ec7cb172ca7b3c233179d156c3f28bdef7894887f398b34cc6033ee5c98
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2cc1708731e55999264676de244e2fa3e46ff00878ddda5a3851d3d27eefb836
33ce37d3dbf835d583fbe3fbd41f3630787233cb7ecd8fee2d062337bc2fb65b
3465c0ab339a6c551fe0d3a648e91e3afacbeff5d0ab12502975b678d8fce951
37f7c4b38a64b435ed6905a19bcef83630ee35ed6d67ddbe95e9bb9c9f4b305f
3a482fa256d60f77147c02d3e17ae7aa8662601bd2aa6bef45801c825551e665
3b6da44a698ee6beff0605081def139725a34763c80763ac748282bdda94ecae
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
433eedd2f9e1d5a257fcce47fa5b22c6cfd84d18b935a56c9233c87a95e74e5f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4558c6668f5488d3c9ed65d6251adb5fe395013ac380b6dc9b1aea464f196e3a
45693020ac3f96be6edffd4956b0b6652ef6a9a8dbb1d15da533c0c6d3186934
45b768273b3c795be7781f07da7628e3b1edaf629833faa6eb30abf61a7d9416
46bba724b52b1778093c656c4f694418208e69c34b2c8fe9f5202a509a725a9a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df10b7d1db5df596b1c43fca336d7ec9d0c112dd8969d009ca13bb51437c7d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
50318eb78e0128f216af4f358ba85c43373351893efa2f682320690c0ef8499b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53bb483556a32347d9608c848248b33abb64562623e11a9e25a31faa515e5889
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
550284aa93c332926cc637979a6d785cbe00162ee87e1b0fcd568db13a1bc645
554160b62a960045c1bda9836106bb92734b5c7a77b3210b330e24c026328cb7
55961159113ecea7dead45a069f3facb65718142777c24f7116aab659e0605a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5c2a8a5dbe48a5c3662ee74f56b39cfd84ec88fee38d826dc56c0a399e25934d
5d9a4ca0188d78f1cc6eb5ad0033760e1786ca08a50215ac469df1d273571d05
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6332ba57848f230dceb8ca8fdaaec27ceda6ec9813d08d9cc25724263d5a33a8
6356c51df7acc5561abc7b82f4ec4df73009c61aaa94499272e581fb0104b7fd
641ffdad946e12b70cf1dce2ee83b83096ff76a5d2553067fc75ffc42ee8dea2
6433fd5bc6f057d1db3a5d3f04a64f56295dbcefc44675ad56889ec9a88181db
665e3d3fe9cde96c776cab7c48dc512c106699fe910a29eacdb7b5427cd260cc
66f197b9ed598c58a68c1a7fbcba1ef703506a90f96699a9971cb3e51108d90a
677485a2d891e5bf42d7479286519fcf95e123aab28c1bb88f8f97949dc1b413
68d268d6f427356cb91bc75cfb06c6c54a8dfc2e2ec5ca8fab8b0f1e9542be2e
6a49235d2b9eea91b2c07354015ee12542e88b3275fbc9f6f2cc4aa2eef6cbea
6aaf48d2d9688c5b92c360067a99f88c9041b9f9a9261cfff346fc5426a6db98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb6186db1cae0f4695d7d1ed3907c754a820588373edbf4e49ca577e99f6156
6cda16e3ee56dbd7bcaa8378a128ff67a72fbb6ef90163c13cdbc29e5437fc7c
6d4f2336f8e07d11dd3faf5ddaa4a30544fa03fd4f6019b03c0002536c6487ca
6d4f4d25669afed7b3dd615c9bf3a8b09e88385b3f6603cfde489305129b5c2a
6eb8c2bf3d0803d246756052088bc696d9d6fbdbec48f3f90491b14b076aa137
6f667ba6c4932c2393003a64ef56322a5cc9c7de1749d7c9c080d84de2d3b1df
709b80debdc7d3854c0128bed937490b2448e40492c99e40ab73bb2bf8c7b5a6
71a8a267f7ce056d32a57f8193ea03090a5afecfee854d51d7e68621799baf5c
71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
756747db3619ec2d34b02fa199a048b937bc3d207904ca8bafcb2cecca097a8f
75a101a7c3214c232948e4251501543cb799110b868d79c0d5e820add0de292d
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
79697badd9b84fcaf6ec314aebb5938b0075ed583d540b3f1d25b834bccbfedd
7c8f58b1dfea9a0bce0a79ebfe3ab0c6ef501406c9d9726364b0f2eda79526a4
7d0b66b37ca3971d9a388ec2d67f60ded0e6672eb87934927ea4a5c03c512129
7ffb0dbb90a9e85854728c9538784ffee4f42ba412e648f40b9107c900e0c813
80409232f9b582176708c318dcc20882d2a456174e693bbf882b242b870bf26a
806647740005d961ce28ec61f72cb3b5058b0bd81469c7273b5a7cc01eb7bd82
81953b50dce4d31c439aab8c6f427606b32720f3eedab411fbfd3b41b83ee507
820522831608c41ff97616151a4ac52dbd5f39a46f3029c2f5fc2717a1ccc261
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
844ed1e118884880682cb2a3d50fd7922e13fa9528b6a930237e1f9d999b5b8f
84aa56ff2645306720cc9a2b9fb7fede3f41d9adba7dd20dd638f56895ddb540
857559b2cf5e594aca06f430ddc82544e6eebf369ec3691da5c9b567f19d4c5a
8602f1e2bf75f91cda056da7bf9e9ba25840cdc28f7c327c442491be99c5d1db
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad9b31f88cb684b50ce3cd7b0bc2aa31f778c80d9e3e992f2034bb14512b1e7
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
8e8ed04ad09fcc761a195c7392065e052ec02b1430a36208f038d81ed8b65ffc
8eabb639749e4e2476d1ce91349bb44a33057a256b2bb167f26645fd702ff84b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
926287d07b30027ab67c5f190cf0cafad7576f872cd3477428914a667c11e162
92bea222b7e18eecff86fa6b6f5a40dc17a12fcae38f7c5a86689d7d468d6f57
9302a19a0ed688404b8bf49f31bd4f6390787f5e722242d5adf98030b3e5738e
935a893f16da16e86d0317d745376706809bc854d59085b6f7cbfdf79a538ee5
95aebdfa8405045164cccc32879144a63e65c493145c6334c6f0f258e46960ff
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a443893c3a2c6ba1c570e5946c0651670ebd479058046447876febf44dd043b
9aeb68f8a96814f917a539620c6b7d1ae71a29efe9e5011948cbe442f9bece47
9b7a626aa9907df69a454ef83cd3605265ef2671522307c5ce21b0414abfe50a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a06e7217aebfa1b5eb5192cdfa50ebd6200b8f8920f426b6e6cefa13af2f8a67
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a21abaf28ad6c262161496d76b753ab3cd9c79fcbd1216616af064ebc99da410
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5a91afde6166339312821dabbb9d5825870be980b77446affe71ef1658d80f2
a5ad33a8eea9b09b6f523826ba2a52699b57c8add74fda41b2017120636bde36
a6832120b19605e15e913ddd291b579a8cbd204f719f368027bb9455457900a7
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac23c6c7d2317bf500f0b1c8c0226756fac3ea8cb4813bd4c602904e167b0829
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f059a10320009dbf773739fdb02787855b5401976b56d1ef61182834db2c2b
b4398549a2b3ba87bd611171bf5e40d327e30171d2b5f6a6c9e837c5b720ab32
b56c7cd2dd9e00da12e5d10e117491c92734357a68c457364cacaeacddfe0655
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b810929a6c76aaadf658d867b180fd8bc0063befe42d741585cf9434d15a28b6
b91ecf6675989f6762056cc0d43c1915f60b1a6307e1bfd9002c94a58350b152
b9ff86039d12c6b5563b49c5431ce341656a7638d6b661b6ea1c59920faffc34
ba0d2f917bdbd6aab3af59f6d173198050d93ca1dd3fcd33b051713cd88077fd
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb669283a522410a777163d44a8b606d7111144ad08496c7295234662b0ba30f
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2dce64de0257ae3a561c6f0013aec6564c2e7b96bf31bdaa68025eacd218567
c33c514a08efaac4378c8e0bce260e0f83764c66a33eeea6a939592b6dab484b
c54704428b53bafd4cbb2402ac71762c255069a0128f0c0ce06907a5979ad34b
c79eacf289f2ab7d458b1a59e030358876c99b7c759c55581b68e6d0d6b36ab9
c81d785f56700f92e0f230f4f8d878a4be655c41a76081997fc9a2eaeefba021
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9bfbc2b802937d34983a32a97f9703769f7dc7a9ffebbe99e186aeb5141add1
c9fa2e4b61048c9e857afd3378a315c2504c3a8d069814fa0d4be83ffa196a1d
cb5c1aa8b589dae32427518d4aeaf1d90aade457d593ad54e2ad7560d67e01a9
cd02260c5d4f77750ced52c982c33eb066d8d0d8e25eeee50ee5953e7a41f098
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
cf019a1e03162a3ab267c3dc07d7eb9b1ddb76ce703755c49a7ca9edbd1d87db
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18cd5692009f8d58f89cefb2da7514c0de42cf5656f09ac3231a45b5b3759da
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d6a89e323e0a3aca09f48cd49872100a2365c0cd17d0d6d84223006ea0f5d6c6
d849288221174ddb470c576ae3d6fe17fbe7ce0e0616b605a5e07308338b404e
d90ffea8baa245bc7bf4b5885e044b5f321c95653893e75a6554e5821d4488bd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
df1468ce14b6f2557957f89fb427bddcc2ad08399dbf49c990c40da80cbde6e5
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1807f8f33c950be5256bbbb97e2cd9dda8cc0b1ab8adf74adc9466e69375d1c
e23aee776a26d9ee064536ce60329620ce3ac6ce24cd3be4989b69091b5cead3
e2e8812c842a9bc9445c56d5f3276a9f5b7cfd237e78f4244f69bc0636440fe0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e53b7810b06fdc55298ed37ccff63d13be3b140f18b865a340662ee59f632698
e739ec6ff84119fd2ff9afecbc11d963b9d742b2f49d5b7bb92172a21baf68ef
e839d8725520ca74b4e05179702b040d28dc2f7922e899c3d37cbafbf2e7e345
e8d146923563b38c695608590a6aea421e1a1f570001e894a1fd672dc2a50761
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
e92d29af4d84b8cf1e9988a032ed1ec1f5bb1542a2d00951bdf8835fdb4e4fe7
e9325b21c875d67182d7625737ff741790affa248b5544484f52e1a21726764c
ebcf1e8759c084d7337263d73019fb61f87c378c228bf7070256cd159230ceee
eeefc979d471d56bf055ad4baa0a9d8f663f32326b6d0171bb9b1737af25983c
eefaa14879f5fd613d2d80e13f058bb803e2749d6e25543648e0d9a14243fc45
ef123f43afbca3effb5b7c2302deace0dd1be5522271ac7f61af657c5710c387
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7369e4105cceda70b7262fffe694f592bc0362a42f051a0f4482971ca7aa05
f05a1e10b596ceed781ac97fea2ecdd9b3d84e3c0e7f6469368d6a7ddda6b4a1
f1355f4915842bc311d2823acfefeb10677d43af3e20c1af3fec642ce01bf988
f2aa2e2d8593bfe09b1b748fe5fe725d86b0a11ddd678c76c0bfc3a89f343401
f433a61da31c61163721e6d74eb04071eb9e80b2c2b08d8ae26be94136e503f8
f485263be3c0193e98a7928c3845b392b3e24c4a7e7fbad51367ed81f8519701
f78aff7d851b8a2bf97ce42193a5d28b91fbc5017e8dc9b91d9dc8fd2e030d13
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
fa5df7bd56c1820436f0871bccc1dd8c5bf4250d46ff5e6f2ee901d5f32d21d9
fe971367304435d4ec562924c649882f0c9a93211a5811863fb85e92b2e81090
ffd295700beb834726042d3b7c849e3e787ca36fbf94235d198390ffa8dad6d8