urlscan.io logo urlscan.io
SecurityTrails logo

duhocnghelaitaumev.daytiengduc.vn Open in urlscan Pro
52.221.6.123  Public Scan

Go To Rescan Add Verdict Report
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Submission Tags: @phishunt_io
Submission: On October 02 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 42 HTTP transactions. The main IP is 52.221.6.123, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is duhocnghelaitaumev.daytiengduc.vn.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 2nd 2020. Valid for: 3 months.
This is the only time duhocnghelaitaumev.daytiengduc.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.221.6.123 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-6-123.ap-southeast-1.compute.amazonaws.com
duhocnghelaitaumev.daytiengduc.vn
1    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2606:4700::6812:c44 (United States)

ASN13335 (CLOUDFLARENET, US)
w.ladicdn.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.74.169.98 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-169-98.ap-southeast-1.compute.amazonaws.com
static.ladipage.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net
www.googleadservices.com
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.251.211.102 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-211-102.ap-southeast-1.compute.amazonaws.com
la.ladipage.com
1    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
spreadsheets.google.com
4    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
10 w.ladicdn.com duhocnghelaitaumev.daytiengduc.vn
6 fonts.gstatic.com fonts.googleapis.com
5 www.facebook.com duhocnghelaitaumev.daytiengduc.vn
4 www.google.de duhocnghelaitaumev.daytiengduc.vn
4 www.google.com duhocnghelaitaumev.daytiengduc.vn
4 googleads.g.doubleclick.net www.googleadservices.com
2 connect.facebook.net duhocnghelaitaumev.daytiengduc.vn
connect.facebook.net
1 spreadsheets.google.com w.ladicdn.com
1 la.ladipage.com w.ladicdn.com
1 www.googleadservices.com www.googletagmanager.com
1 static.ladipage.net 1 redirects
1 www.googletagmanager.com duhocnghelaitaumev.daytiengduc.vn
1 fonts.googleapis.com duhocnghelaitaumev.daytiengduc.vn
1 duhocnghelaitaumev.daytiengduc.vn
42 14

This site contains no links.

Subject Issuer Validity Valid
duhocnghelaitaumev.daytiengduc.vn
Let's Encrypt Authority X3		 2020-10-02 -
2020-12-31		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
ladicdn.com
Cloudflare Inc ECC CA-3		 2020-07-13 -
2021-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://duhocnghelaitaumev.daytiengduc.vn/
Frame ID: 2A5B9A1FBFEE2E448F6B3C4692A61105
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

42
Requests

98 %
HTTPS

71 %
IPv6

13
Domains

14
Subdomains

14
IPs

4
Countries

636 kB
Transfer

1178 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://static.ladipage.net/source/notify.svg HTTP 301
  • https://w.ladicdn.com/source/notify.svg

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
duhocnghelaitaumev.daytiengduc.vn/ 		69 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.6.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-6-123.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
b51ff54f22a8bb9933d3a0b885d39f036a698e1ff331f627ae2e8b098f9b3778

Request headers

:method
GET
:authority
duhocnghelaitaumev.daytiengduc.vn
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
openresty
date
Fri, 02 Oct 2020 22:50:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie
LADI_CLIENT_ID=56afd407-3262-40be-75db-b13da2a6ca33; Expires=Mon, 30 Sep 2030 22:50:55 GMT LADI_PAGE_VIEW=0; Expires=Mon, 30 Sep 2030 22:50:55 GMT LADI_FORM_SUBMIT=0; Expires=Mon, 30 Sep 2030 22:50:55 GMT LADI_PAGE_VIEW=1; Expires=Mon, 30 Sep 2030 22:50:55 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0
statuscode
200
content-encoding
gzip
css
fonts.googleapis.com/ 		6 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89b4930cd48933994574b0ac7f81cbede6f830b817b7a3a49eda3706259b633c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 22:50:55 GMT
server
ESF
date
Fri, 02 Oct 2020 22:50:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Oct 2020 22:50:55 GMT
ladipage.min.js
w.ladicdn.com/v2/source/ 		148 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.js?v=1591089450534
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39150436ef6dcec7f407c8b79f1b068705a48a7b31f31dbfca6fa18592a2f746

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5854044
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf3e900001f19a72c9200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc330a831f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:55 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-874639274
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18d027a83bad2a330c3a444f48f00f198316eaaff4e45e9b2ea3ac0ec314bfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:55 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36647
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Oct 2020 22:50:55 GMT
notify.svg
w.ladicdn.com/source/
Redirect Chain
  • https://static.ladipage.net/source/notify.svg
  • https://w.ladicdn.com/source/notify.svg
2 KB
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/notify.svg
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5856852
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf63100001f19a72f3200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc36bf551f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:56 GMT

Redirect headers

status
301
date
Fri, 02 Oct 2020 22:50:56 GMT
server
awselb/2.0
content-length
134
location
https://w.ladicdn.com:443/source/notify.svg
content-type
text/html
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
K21HsWzbotHC1vOHQLxRkRRs+WbfOAZBwmxXhkU5f77mkW5kmqANrWZAEr82BQv03kPJ98xJHHp+tl0Jc0nlmQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 02 Oct 2020 22:50:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://duhocnghelaitaumev.daytiengduc.vn
Referer
https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:28:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
age
274961
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12976
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:28:14 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://duhocnghelaitaumev.daytiengduc.vn
Referer
https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:27:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:14 GMT
server
sffe
age
274977
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:27:58 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRdu3cOWxy40.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRdu3cOWxy40.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e92ea8a036305feed6f43cf1ba9d37ae6ba4fc90236080ca3dce4299d5723d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://duhocnghelaitaumev.daytiengduc.vn
Referer
https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:34:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:13 GMT
server
sffe
age
274571
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12168
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:34:44 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lujVj9_mf.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lujVj9_mf.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4c9d4f6fbcbe3b591646b902e33b914083d983374cf38cefcd6054ccc5dd3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://duhocnghelaitaumev.daytiengduc.vn
Referer
https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:29:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:20 GMT
server
sffe
age
274905
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12352
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:29:10 GMT
722683178143888
connect.facebook.net/signals/config/ 		235 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/722683178143888?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abd956399615e25b177431c97506ae956b2112b9a9b11a4684f1fff29e813d6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
YTBVBLgfBEYRzkpLAvJ9y1IBPg1KYZgCMhcLbcbdy4fIGqwzZA6z4WUCkJ1gS7gSE+L4yFIjSlEeX3L/5HvcYw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Fri, 02 Oct 2020 22:50:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-874639274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11311
x-xss-protection
0
server
cafe
etag
12833363978352728442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Oct 2020 22:50:55 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBdu3cOWxy40.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBdu3cOWxy40.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00cc9a5d17cb76ff360d1ed18c4415c5732082e8b1bdfb083bdd786ca4f09f58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://duhocnghelaitaumev.daytiengduc.vn
Referer
https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:55:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:23 GMT
server
sffe
age
273326
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4572
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:55:29 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lujVj9_mf.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lujVj9_mf.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c395dde83a7af5a77ddcc262356a69409d6e0edd9c6c586110014b78681580e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://duhocnghelaitaumev.daytiengduc.vn
Referer
https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 18:51:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:34 GMT
server
sffe
age
273568
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4672
x-xss-protection
0
expires
Wed, 29 Sep 2021 18:51:27 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/874639274/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874639274/?random=1601679055976&cv=9&fst=1601679055976&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df1981a7ac6f5e6f2d1bb97079c0e0081dcf312c20f1471dc96d035ca72c7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1078
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/874639274/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874639274/?random=1601679055986&cv=9&fst=1601679055986&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
460e868c52b379873e76548f9a38207c22aadbc7d6fb0682ed772403f6c8cd30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1079
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ladipage.min.css
w.ladicdn.com/v2/source/ 		59 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1591089450534
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b12ba320d79744057a337087cb9fb09cec08a78576936f0c69bb44132823e0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2049833
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf47c00001f19a72d0200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc33fbc01f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:56 GMT
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff1d80eacdb7bfdf4dc9e2ebfb8238733fcf4085f4371cc0e9052877bd095a1b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
untitled-1-20191226072250.png
w.ladicdn.com/s350x350/5e045dd32786043be9d0ad95/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s350x350/5e045dd32786043be9d0ad95/untitled-1-20191226072250.png
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95542b000019acedd7f94c19b357facaa2b0e190f450f3b3444c2e309a2d182b

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf49800001f19a72d3200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc342bf81f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:56 GMT
mev-tex-group-logo-20200513110933.png
w.ladicdn.com/s400x350/5e5ddbd2b4f9193395eb9a71/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x350/5e5ddbd2b4f9193395eb9a71/mev-tex-group-logo-20200513110933.png
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f11f49aaa8c8d5cfcc9fec08e922402f704e66ce2e41e0f6d45cfec6abac29

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf49800001f19a72d4200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc342bfa1f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:56 GMT
daniel-abadia-njq3nz6-5rq-unsplash-20200204043310.jpg
w.ladicdn.com/s768x672/5e045dd32786043be9d0ad95/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s768x672/5e045dd32786043be9d0ad95/daniel-abadia-njq3nz6-5rq-unsplash-20200204043310.jpg
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2375d74cbf51fc919e830c415293829609ea0affe5e7a9733c7bb8f3d04fa0fb

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf49900001f19a72d5200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc342bfc1f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:56 GMT
homeslider1_mev_arbeitgeber-20200513110947.jpg
w.ladicdn.com/s550x450/5e5ddbd2b4f9193395eb9a71/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s550x450/5e5ddbd2b4f9193395eb9a71/homeslider1_mev_arbeitgeber-20200513110947.jpg
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d71d65f9584deb92c785b1e3076a3815008e05f6c23b434f02622af03479b8

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf49900001f19a72d6200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc342bfe1f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:56 GMT
img4158-07-09-19-05-13-rojn-20200527100721.jpg
w.ladicdn.com/s500x450/5e5ddbd2b4f9193395eb9a71/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s500x450/5e5ddbd2b4f9193395eb9a71/img4158-07-09-19-05-13-rojn-20200527100721.jpg
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bdf752a44aecf81888c10bde262086206f96aa523b776f52941d123daafbe18

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf49900001f19a72d7200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc342c001f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:56 GMT
rx1kq4aj20200504074932.jpg
w.ladicdn.com/s450x450/5e5ddbd2b4f9193395eb9a71/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s450x450/5e5ddbd2b4f9193395eb9a71/rx1kq4aj20200504074932.jpg
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79d3dd23c2b8955c4f3f0f89bac8aa1b52e39d319c15c13e20aef18b1968128

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1bf49900001f19a72d8200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc342c021f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:50:56 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=722683178143888&ev=PageView&dl=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&rl=&if=false&ts=1601679056041&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1601679056040.661427220&it=1601679055888&coo=false&rqm=GET
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 02 Oct 2020 22:50:56 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=722683178143888&ev=ViewContent&dl=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&rl=&if=false&ts=1601679056042&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1601679056040.661427220&it=1601679055888&coo=false&rqm=GET
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 02 Oct 2020 22:50:56 GMT
check
la.ladipage.com/2.0/domain/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://la.ladipage.com/2.0/domain/check
Protocol
H2
Server
54.251.211.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-211-102.ap-southeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://duhocnghelaitaumev.daytiengduc.vn
Sec-Fetch-Mode
cors

Response headers

status
503
server
awselb/2.0
date
Fri, 02 Oct 2020 22:50:56 GMT
content-type
text/plain; charset=utf-8
content-length
0
values
spreadsheets.google.com/feeds/list/1WooUyvsvp3kGDhk-Yh4WjQfZX3fRJMoCL4CKdFUQ5qE/1/public/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://spreadsheets.google.com/feeds/list/1WooUyvsvp3kGDhk-Yh4WjQfZX3fRJMoCL4CKdFUQ5qE/1/public/values?alt=json
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1591089450534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2d646fe2c2552d5478a6d1709dc18104f0125b9b80b089ffa622100341cf8db8
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-xvWQ1ocIEBmjfa5zs/aLHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://duhocnghelaitaumev.daytiengduc.vn
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
last-modified
Fri, 02 Oct 2020 22:50:56 GMT
server
GSE
x-frame-options
SAMEORIGIN
vary
Accept, X-GData-Authorization, GData-Version
content-type
application/json; charset=UTF-8
gdata-version
1.0
access-control-expose-headers
Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,Expires,Last-Modified,Server,Transfer-Encoding,Vary
cache-control
private, max-age=0, must-revalidate, no-transform
content-security-policy
base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-xvWQ1ocIEBmjfa5zs/aLHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self'
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 02 Oct 2020 22:50:56 GMT
check
la.ladipage.com/2.0/domain/ 		0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/874639274/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874639274/?random=1601679056060&cv=9&fst=1601679056060&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&ig=1&data=event%3DScrollDepth_75_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dduhocnghelaitaumev.daytiengduc.vn%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b504639260d1e191066e30c8e5c54231b5beeb37232561328354844513d0f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1136
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=722683178143888&ev=ScrollDepth_75_percent&dl=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&rl=&if=false&ts=1601679056062&sw=1600&sh=1200&v=2.9.27&r=stable&ec=2&o=30&fbp=fb.1.1601679056040.661427220&it=1601679055888&coo=false&rqm=GET
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 02 Oct 2020 22:50:56 GMT
/
www.google.com/pagead/1p-user-list/874639274/ 		42 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/874639274/?random=1601679055976&cv=9&fst=1601676000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&async=1&fmt=3&is_vtc=1&random=741169613&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/874639274/ 		42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/874639274/?random=1601679055976&cv=9&fst=1601676000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&async=1&fmt=3&is_vtc=1&random=741169613&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/874639274/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/874639274/?random=1601679055986&cv=9&fst=1601676000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&async=1&fmt=3&is_vtc=1&random=1125044775&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/874639274/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/874639274/?random=1601679055986&cv=9&fst=1601676000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&async=1&fmt=3&is_vtc=1&random=1125044775&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/874639274/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/874639274/?random=1601679056060&cv=9&fst=1601676000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3DScrollDepth_75_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dduhocnghelaitaumev.daytiengduc.vn%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&async=1&fmt=3&is_vtc=1&random=3727914708&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/874639274/ 		42 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/874639274/?random=1601679056060&cv=9&fst=1601676000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3DScrollDepth_75_percent%3Bevent_category%3DLadiPageScrollDepth%3Bevent_label%3Dduhocnghelaitaumev.daytiengduc.vn%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&async=1&fmt=3&is_vtc=1&random=3727914708&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:50:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=722683178143888&ev=Microdata&dl=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&rl=&if=false&ts=1601679056543&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c%22%2C%22meta%3Akeywords%22%3A%22du%20h%E1%BB%8Dc%20ngh%E1%BB%81%2C%20du%20h%E1%BB%8Dc%20%C4%91%E1%BB%A9c%2C%20h%E1%BB%8Dc%20ngh%E1%BB%81%20%C4%91%E1%BB%A9c%2C%20l%C3%A1i%20t%C3%A0u%20MEV%2C%20du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20%C4%90%E1%BB%A9c%2C%20ti%E1%BA%BFng%20%C4%91%E1%BB%A9c%22%2C%22meta%3Adescription%22%3A%22H%E1%BB%97%20tr%E1%BB%A3%20to%C3%A0n%20b%E1%BB%99%20chi%20ph%C3%AD%20h%E1%BB%8Dc%20ti%E1%BA%BFng%20t%E1%BB%AB%20A1%20%C4%91%E1%BA%BFn%20B2%20tr%E1%BB%8B%20gi%C3%A1%204000%20Euro.%20Ch%E1%BB%89%20m%E1%BA%A5t%201%20n%C4%83m%20h%E1%BB%8Dc%20ngh%E1%BB%81%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22http%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%22%2C%22og%3Atitle%22%3A%22Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.ladipage.net%2F5e045dd32786043be9d0ad95%2Fzuyet-awarmatik-xs_rvu5a4gu-unsplash-20200207032652.jpg%22%2C%22og%3Adescription%22%3A%22H%E1%BB%97%20tr%E1%BB%A3%20to%C3%A0n%20b%E1%BB%99%20chi%20ph%C3%AD%20h%E1%BB%8Dc%20ti%E1%BA%BFng%20t%E1%BB%AB%20A1%20%C4%91%E1%BA%BFn%20B2%20tr%E1%BB%8B%20gi%C3%A1%204000%20Euro.%20Ch%E1%BB%89%20m%E1%BA%A5t%201%20n%C4%83m%20h%E1%BB%8Dc%20ngh%E1%BB%81%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=3&o=30&fbp=fb.1.1601679056040.661427220&it=1601679055888&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: duhocnghelaitaumev.daytiengduc.vn
URL: https://duhocnghelaitaumev.daytiengduc.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:50:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 02 Oct 2020 22:50:56 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/874639274/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874639274/?random=1601679066059&cv=9&fst=1601679066059&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&ig=1&data=event%3DTimeOnPage_10_seconds%3Bevent_category%3DLadiPageTimeOnPage%3Bevent_label%3Dduhocnghelaitaumev.daytiengduc.vn%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cdd44bf56fae3b36f3877db6837550fdf35265c30d3cfef556701d377e8e0a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=722683178143888&ev=TimeOnPage_10_seconds&dl=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&rl=&if=false&ts=1601679066061&sw=1600&sh=1200&v=2.9.27&r=stable&ec=4&o=30&fbp=fb.1.1601679066060.1208453052&it=1601679055888&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:51:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 02 Oct 2020 22:51:06 GMT
/
www.google.com/pagead/1p-user-list/874639274/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/874639274/?random=1601679066059&cv=9&fst=1601676000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3DTimeOnPage_10_seconds%3Bevent_category%3DLadiPageTimeOnPage%3Bevent_label%3Dduhocnghelaitaumev.daytiengduc.vn%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&async=1&fmt=3&is_vtc=1&random=1354928273&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:51:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/874639274/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/874639274/?random=1601679066059&cv=9&fst=1601676000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9n1&sendb=1&data=event%3DTimeOnPage_10_seconds%3Bevent_category%3DLadiPageTimeOnPage%3Bevent_label%3Dduhocnghelaitaumev.daytiengduc.vn%2F%3Bnon_interaction%3Dtrue&frm=0&url=https%3A%2F%2Fduhocnghelaitaumev.daytiengduc.vn%2F&tiba=Du%20h%E1%BB%8Dc%20ngh%E1%BB%81%20l%C3%A1i%20t%C3%A0u%20MEV%20-%20CHLB%20%C4%90%E1%BB%A9c&async=1&fmt=3&is_vtc=1&random=1354928273&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Oct 2020 22:51:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
75282265_10206381805900933_2705432932343873536_n-20191227193853.jpg
w.ladicdn.com/s250x250/5e045dd32786043be9d0ad95/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s250x250/5e045dd32786043be9d0ad95/75282265_10206381805900933_2705432932343873536_n-20191227193853.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42cb890cae3ce7e340e01981285d721904f72da041f8b35c0db730f014258fa5

Request headers

Referer
https://duhocnghelaitaumev.daytiengduc.vn/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 22:51:06 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
058d1c1e4000001f19a70cd200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5dc1fc76cbae1f19-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Sat, 02 Oct 2021 22:51:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
la.ladipage.com
URL
https://la.ladipage.com/2.0/domain/check

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| ladi_viewport boolean| ladi_is_desktop function| fbq function| _fbq function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp

5 Cookies

Domain/Path Name / Value
.daytiengduc.vn/ Name: _fbp
Value: fb.1.1601679056040.661427220
duhocnghelaitaumev.daytiengduc.vn/ Name: LADI_PAGE_VIEW
Value: 1
duhocnghelaitaumev.daytiengduc.vn/ Name: _timenow
Value: 1601679056045
duhocnghelaitaumev.daytiengduc.vn/ Name: LADI_FORM_SUBMIT
Value: 0
duhocnghelaitaumev.daytiengduc.vn/ Name: LADI_CLIENT_ID
Value: 56afd407-3262-40be-75db-b13da2a6ca33

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 722683178143888.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
duhocnghelaitaumev.daytiengduc.vn
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
la.ladipage.com
spreadsheets.google.com
static.ladipage.net
w.ladicdn.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
la.ladipage.com
216.58.208.34
2606:4700::6812:c44
2a00:1450:4001:802::2002
2a00:1450:4001:809::2008
2a00:1450:4001:818::2003
2a00:1450:4001:818::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.221.6.123
52.74.169.98
54.251.211.102
00cc9a5d17cb76ff360d1ed18c4415c5732082e8b1bdfb083bdd786ca4f09f58
0b504639260d1e191066e30c8e5c54231b5beeb37232561328354844513d0f3e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18d027a83bad2a330c3a444f48f00f198316eaaff4e45e9b2ea3ac0ec314bfd6
2375d74cbf51fc919e830c415293829609ea0affe5e7a9733c7bb8f3d04fa0fb
2d646fe2c2552d5478a6d1709dc18104f0125b9b80b089ffa622100341cf8db8
30d71d65f9584deb92c785b1e3076a3815008e05f6c23b434f02622af03479b8
39150436ef6dcec7f407c8b79f1b068705a48a7b31f31dbfca6fa18592a2f746
42cb890cae3ce7e340e01981285d721904f72da041f8b35c0db730f014258fa5
460e868c52b379873e76548f9a38207c22aadbc7d6fb0682ed772403f6c8cd30
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
4cdd44bf56fae3b36f3877db6837550fdf35265c30d3cfef556701d377e8e0a9
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6df1981a7ac6f5e6f2d1bb97079c0e0081dcf312c20f1471dc96d035ca72c7be
6e92ea8a036305feed6f43cf1ba9d37ae6ba4fc90236080ca3dce4299d5723d8
83f11f49aaa8c8d5cfcc9fec08e922402f704e66ce2e41e0f6d45cfec6abac29
89b4930cd48933994574b0ac7f81cbede6f830b817b7a3a49eda3706259b633c
95542b000019acedd7f94c19b357facaa2b0e190f450f3b3444c2e309a2d182b
9bdf752a44aecf81888c10bde262086206f96aa523b776f52941d123daafbe18
abd956399615e25b177431c97506ae956b2112b9a9b11a4684f1fff29e813d6f
b51ff54f22a8bb9933d3a0b885d39f036a698e1ff331f627ae2e8b098f9b3778
b79d3dd23c2b8955c4f3f0f89bac8aa1b52e39d319c15c13e20aef18b1968128
c395dde83a7af5a77ddcc262356a69409d6e0edd9c6c586110014b78681580e5
c4c9d4f6fbcbe3b591646b902e33b914083d983374cf38cefcd6054ccc5dd3b3
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
d5b12ba320d79744057a337087cb9fb09cec08a78576936f0c69bb44132823e0
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff1d80eacdb7bfdf4dc9e2ebfb8238733fcf4085f4371cc0e9052877bd095a1b