qc8.duocphamviethoang.click Open in urlscan Pro
18.139.62.226  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

• https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6910702498998026&ev=PageView&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664905&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=FGET HTTP 302
• https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fqc8.duocphamviethoang.click%252F%26rl%26if%3Dfalse%26ts%3D1718183664905%26sw%3D1600%26sh%3D1200%26v%3D2.9.157%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1718183664902.54676373291475542%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1718183664017%26coo%3Dfalse%26rqm%3DFGET

Request Chain 60

• https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6910702498998026&ev=ViewContent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664907&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=FGET HTTP 302
• https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DViewContent%26dl%3Dhttps%253A%252F%252Fqc8.duocphamviethoang.click%252F%26rl%26if%3Dfalse%26ts%3D1718183664907%26sw%3D1600%26sh%3D1200%26v%3D2.9.157%26r%3Dstable%26ec%3D1%26o%3D4126%26fbp%3Dfb.1.1718183664902.54676373291475542%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1718183664017%26coo%3Dfalse%26rqm%3DFGET

Request Chain 62

• https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6910702498998026&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664908&sw=1600&sh=1200&v=2.9.157&r=stable&ec=2&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=FGET HTTP 302
• https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DScrollDepth_25_percent%26dl%3Dhttps%253A%252F%252Fqc8.duocphamviethoang.click%252F%26rl%26if%3Dfalse%26ts%3D1718183664908%26sw%3D1600%26sh%3D1200%26v%3D2.9.157%26r%3Dstable%26ec%3D2%26o%3D4126%26fbp%3Dfb.1.1718183664902.54676373291475542%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1718183664017%26coo%3Dfalse%26rqm%3DFGET

Request Chain 70

• https://static.ladipage.net/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg HTTP 301
• https://w.ladicdn.com/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg

Request Chain 71

• https://static.ladipage.net/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg HTTP 301
• https://w.ladicdn.com/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response qc8.duocphamviethoang.click/	152 KB 32 KB	100ms 6ms	Document text/html	18.139.62.226 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.139.62.226 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-139-62-226.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash 2a0354fe32000cca4932cbc870a56c2d7fbfb93501cf1ded0db7304fc1d60a90 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Wed, 12 Jun 2024 09:14:23 GMT server openresty statuscode 200 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/	24 KB 3 KB	35ms 10ms	Stylesheet text/css	2404:6800:4003:c03::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c03::5f Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c97bdfb35e8391352a0477e2f4dcf9e5941bc5dce3430920dc5e2bdf497b1552 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 12 Jun 2024 09:14:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 12 Jun 2024 09:14:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 12 Jun 2024 09:14:23 GMT
GET H2	200	ladipagev3.min.js Show response w.ladicdn.com/v4/source/	395 KB 94 KB	30ms 5ms	Script text/javascript	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1717570019324 Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 13eb343745087837fa6d29caa239952566eadd439e05e349d5a038a39a8b645d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 11 Jun 2024 07:40:18 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 92045 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id 8MNSW3livmdWKyzTrLmTKIR46FlRNHO7gnLJp4-LeXkZDS5iwhRB0Q== expires Wed, 11 Jun 2025 07:40:18 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	36ms 5ms	Script application/x-javascript	2a03:2880:f00c:10d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00c:10d:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 12 Jun 2024 09:14:23 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57975 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=2, rtx=0, c=13, mss=1297, tbw=2772, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug N48MQvuHuS89jGqSA6GOMWhUkIROZCMZUh3FacfBeCmfIH1qC+dlfRyzDyJ0NdNUa+m7Fih/l7RkjU2tFFv5pw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	8 KB 3 KB	314ms 258ms	Script application/javascript	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP47R7BC77U2JRJDBUKG&lib=ttq Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash fc6b66c1a251f2b32f9c8d6625376c2ec7504875ea6a3e470edd032be100de8a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 629459e date Wed, 12 Jun 2024 09:14:24 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240612091423EFE5F2514D30C5B8C0E8-1DDDF305D0859002-00 x-cache TCP_MISS from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=243 content-length 2438 pragma no-cache server nginx x-tt-logid 20240612091423EFE5F2514D30C5B8C0E8 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 244,23.52.171.230 x-tt-trace-host 014cfb988ab6478c2d23d32ce460d56edc89c51cfb9fb29338e741acf5ae5d8ee695d7ac082078e9c193aeaf90ccea9491e4e3224e6e51d32f645f5c09ee5950746e71bbd9bf2976d4aaf0220544dcc40ddb65d305feecdd6796a968d86cf184d6 expires Wed, 12 Jun 2024 09:14:24 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	8 KB 3 KB	322ms 267ms	Script application/javascript	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=COLMA8JC77UD19SO0R50&lib=ttq Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9b539af0c84bb3b289166db543347f7f949892ce92589770f615b41553a1d715 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 629459d date Wed, 12 Jun 2024 09:14:24 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24061209142371917F722023CCA7D206-3BF794ADB74126D9-00 x-cache TCP_MISS from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=14, cdn-cache; desc=MISS, edge; dur=1, origin; dur=252 content-length 2426 pragma no-cache server nginx x-tt-logid 2024061209142371917F722023CCA7D206 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 253,23.52.171.230 x-tt-trace-host 014cfb988ab6478c2d23d32ce460d56edc89c51cfb9fb29338e741acf5ae5d8ee659b3c31eb8a0426c9065c82f9d3739273ecb211828ee40b563ea13c0a118059aec4fd4aad29b8e5006cbf0567aa95baa84e28fb7c2969045bece9452f8fa1d04 expires Wed, 12 Jun 2024 09:14:24 GMT
GET H2	200	ztracker.js Show response s.zzcdn.me/ztr/	23 KB 8 KB	434ms 133ms	Script application/javascript	2405:4800:ae00:1b01::65f FPT-AS-AP FPT Tel...
General Check archive.org Show headers Download Go to Full URL https://s.zzcdn.me/ztr/ztracker.js?id=7056840457216708608 Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2405:4800:ae00:1b01::65f , Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN), Reverse DNS Software Universe / Resource Hash 45b4fb3d724d209c5064eae7d20e445c8af7e7829aeebf0369de54febf7d8593 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 09:14:24 GMT content-encoding gzip server Universe age 6714367 x-cache-status HIT content-type application/javascript access-control-allow-origin * cache-control no-cache accept-ranges bytes content-length 7848
GET H2	200	gtm.js Show response www.googletagmanager.com/	235 KB 85 KB	60ms 19ms	Script application/javascript	2404:6800:4003:c02::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PKBQTFG Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::61 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6ff34824bb00b5dd4cdf3c756fb1e18e94d36c62dc9b3655d24de211786cd4f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 09:14:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86425 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 12 Jun 2024 09:14:23 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	6 KB 3 KB	309ms 254ms	Script application/javascript	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNFKLFJC77UD9DAM13I0&lib=ttq Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 507727691a9ca7f3f72a892717f78d3fac0c689a38d394308a4eb7dd700a2d95 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 629459f date Wed, 12 Jun 2024 09:14:24 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2406120914236D44E143C64D1BA50C7A-27B23906FAF08E96-00 x-cache TCP_MISS from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=239 content-length 1955 pragma no-cache server nginx x-tt-logid 202406120914236D44E143C64D1BA50C7A vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 240,23.52.171.230 x-tt-trace-host 014cfb988ab6478c2d23d32ce460d56edc89c51cfb9fb29338e741acf5ae5d8ee61c3d9c3d47b11f85c4b6bf1edc5233fea9b8e33c54166c1201674468dd8cf99a833d443dfaa8ba0d3208389e551c137bca5df54d8ebc1e219141016915bf1be6 expires Wed, 12 Jun 2024 09:14:24 GMT
GET H2	200	notify.svg w.ladicdn.com/source/	2 KB 866 B	4ms 3ms	Image image/svg+xml	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/source/notify.svg?v=1.0 Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 14 May 2024 04:31:22 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 2522581 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id s6MyuFgDUkaHpNfpwf9_A9WUllc0d_3P5HuBhAywVJd4UGOoJVLyiA== expires Wed, 14 May 2025 04:31:22 GMT
GET H2	200	20191008_085657_099999_dt_150428_gerd_gastromax-800x800-20230718093256-if_mx.jpg w.ladicdn.com/s450x450/5f8a776e73f7b354e4b50766/	20 KB 17 KB	7ms 6ms	Image image/jpeg	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s450x450/5f8a776e73f7b354e4b50766/20191008_085657_099999_dt_150428_gerd_gastromax-800x800-20230718093256-if_mx.jpg Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 1d1985ad206169e31abe1826f4c87ca4da873ed7b32542a76ca936cc93e98495 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 16 Oct 2023 01:56:22 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 20762281 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id qUAvDV9C0-ff6nuCsMcInIvnVHAX4T9chD58AICtaV7F41W9_28eNw== expires Tue, 15 Oct 2024 01:56:22 GMT
GET H2	200	vi-tri-dai-trang-nam-o-dau-01-e1563864832416-20230718093310-kol-q.jpg w.ladicdn.com/s500x450/5f8a776e73f7b354e4b50766/	46 KB 36 KB	11ms 10ms	Image image/jpeg	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s500x450/5f8a776e73f7b354e4b50766/vi-tri-dai-trang-nam-o-dau-01-e1563864832416-20230718093310-kol-q.jpg Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash fcc42e19881e5f5acc63b5e0d7f1adbcf19d4f03df60fff45a63fe8c39657324 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 16 Oct 2023 01:56:22 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 20762281 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id zsZWRWk8aSn64xzWRCkrX2v7ohhgMLDrUXFMp7lBH-b4bMieApVNqQ== expires Tue, 15 Oct 2024 01:56:22 GMT
GET H2	200	vi-khuan-hp-167401341208689191777-20230718093310-qwhsi.png w.ladicdn.com/s500x450/5f8a776e73f7b354e4b50766/	439 KB 440 KB	16ms 15ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s500x450/5f8a776e73f7b354e4b50766/vi-khuan-hp-167401341208689191777-20230718093310-qwhsi.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ffa6aae3b8935433b990e39816ec28a0d9ebb0bc098b833343c87dbb8d80fa1c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 16 Oct 2023 01:56:22 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 20762281 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id 55fYtvQncG8UXuChRno9wVuXS7_b_6l-8DWwqiVIvd2CUp9vSbMxUQ== expires Tue, 15 Oct 2024 01:56:22 GMT
GET DATA	200 OK	truncated /	626 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ed9d65659f449de5bc2cddd7236e68e02381bd92f136bacc527391e91541842b Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	dx-20200723034050-20230511033245-twnmw.png w.ladicdn.com/s450x400/5f8a776e73f7b354e4b50766/	12 KB 12 KB	68ms 66ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s450x400/5f8a776e73f7b354e4b50766/dx-20200723034050-20230511033245-twnmw.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ab1702195a783b08d7e83dbf7919b911705fd2a64affe5a7fc8f83a5e7273e53 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 28 Jan 2024 00:18:19 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 11782564 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id 2a-J3Kvel96we3gPfirmwu7hO9TZUKxMqNBKPd_cYPLdsjZThgJmvw== expires Mon, 27 Jan 2025 00:18:19 GMT
GET H2	200	evwe-20200723033651-20230511033127-vcprp.png w.ladicdn.com/s750x550/5f8a776e73f7b354e4b50766/	14 KB 14 KB	70ms 68ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s750x550/5f8a776e73f7b354e4b50766/evwe-20200723033651-20230511033127-vcprp.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash dbd153a4f96c00f55d24f442e9c074303b0ac138e7d5db1a416d778ba13ba3dd Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Jan 2024 03:19:03 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 13326920 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id -ACfSxCcNk3kDVrGoKwHaW0nVayCYN4tWeFXBW1e0nHi7cM6DxPlxA== expires Thu, 09 Jan 2025 03:19:03 GMT
GET H2	200	lo-thuoc-cat-20231007071955-xiszq.png w.ladicdn.com/s750x600/6013695ec1b48f0011066a28/	371 KB 371 KB	71ms 69ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s750x600/6013695ec1b48f0011066a28/lo-thuoc-cat-20231007071955-xiszq.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 47ab52f8d943f0413cb7abf7363feb51ab2bcc07cfc849c569eda37a2caac8bf Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 08:09:56 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 4064667 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id T405cFoDkqDNosPoovBlJqDl4t5K5HdaUtrNYn-DkuXTxhyGai0jtA== expires Sat, 26 Apr 2025 08:09:56 GMT
GET H2	200	v346tq34t-20200715085224-20230511033245-y4alp.png w.ladicdn.com/s750x450/5f8a776e73f7b354e4b50766/	25 KB 25 KB	103ms 102ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s750x450/5f8a776e73f7b354e4b50766/v346tq34t-20200715085224-20230511033245-y4alp.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash de3977eccc0ad0363ad41719cd56a7165a1a8a06f7dfed859aed6d30e4bf156d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 16 Oct 2023 01:56:25 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 20762278 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id 6SnKAYmZA2-ugaapooynchBEksZIZ9tXb7A4_L1WaXOgT1LrVSrbDA== expires Tue, 15 Oct 2024 01:56:25 GMT
GET H2	200	goi-ngay-20240330051700-f8jgd.png w.ladicdn.com/s550x400/6013695ec1b48f0011066a28/	12 KB 12 KB	127ms 127ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s550x400/6013695ec1b48f0011066a28/goi-ngay-20240330051700-f8jgd.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3efb906a5509fcb400fd2c9acbe7071a6d177b7d4bcbf711212aef66746be4a8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Apr 2024 03:15:20 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 5983143 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id qGB0FWofoheArKo_Wj4U3MRSkejQbF1FwQENl7EtolkL3w3qvXdM5Q== expires Fri, 04 Apr 2025 03:15:20 GMT
GET H2	200	dau-da-day-2-20200623041229-20230510085939-swhwj.png w.ladicdn.com/s500x550/5f8a776e73f7b354e4b50766/	480 KB 481 KB	115ms 114ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s500x550/5f8a776e73f7b354e4b50766/dau-da-day-2-20200623041229-20230510085939-swhwj.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash c0cdbafafc38fd4afae41ccff8098c376e3c44bd2bdc254330fc012057c32794 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Jan 2024 17:25:15 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 13103348 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id QtHzHJTp-hTZK-BvP8wQGbbfKr6ijhetxn8DbRK3lpwzIZA1tCzudw== expires Sat, 11 Jan 2025 17:25:15 GMT
GET H2	200	hot-20240312024331-w3khg.png w.ladicdn.com/s550x350/6013695ec1b48f0011066a28/	62 KB 58 KB	126ms 126ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s550x350/6013695ec1b48f0011066a28/hot-20240312024331-w3khg.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 176999ecda7c811d0ac086006d150454e68ee2d22358876c29e4d6e969081540 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 12 Mar 2024 02:49:18 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 7971905 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id dwFC61oGl8zi67K6XpgpIC0tcMkGJrMs3NjD5xagsXg8JHG_vqMlvw== expires Wed, 12 Mar 2025 02:49:18 GMT
GET H2	200	dang-ky-tu-van-20230921094040-jlz5p-20240327080604-x8agd.png w.ladicdn.com/s500x400/6013695ec1b48f0011066a28/	19 KB 19 KB	128ms 128ms	Image image/png	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s500x400/6013695ec1b48f0011066a28/dang-ky-tu-van-20230921094040-jlz5p-20240327080604-x8agd.png Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash c9547680256ea226ff63cf2756b4d7ab7d70ec50171c0e41612daa69786eb19f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 07:42:23 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 4066320 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id lomdLA4QcmbOiOnUQySkNH117YNX3qs0egw8yefzHBjc1omsUPxpcg== expires Sat, 26 Apr 2025 07:42:23 GMT
GET H2	200	7Auwp_0qiz-afTLGLQ.woff2 fonts.gstatic.com/s/muli/v29/	32 KB 32 KB	39ms 13ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:20:44 GMT x-content-type-options nosniff age 327220 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32796 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:41:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:20:44 GMT
GET H2	200	7Auwp_0qiz-afTzGLRrX.woff2 fonts.gstatic.com/s/muli/v29/	29 KB 29 KB	47ms 21ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTzGLRrX.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f968e2b575a4921967e9ccb21f184904b8cc5dfb92a1847c72732c85a8cc33d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:26:44 GMT x-content-type-options nosniff age 326860 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30028 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:45:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:26:44 GMT
GET H2	200	7Auwp_0qiz-afT3GLRrX.woff2 fonts.gstatic.com/s/muli/v29/	12 KB 12 KB	61ms 35ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afT3GLRrX.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88f27bc04b46e288d95a087776db3cd30cce45a9b5b23c7942e79fefd5b48b2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:49:51 GMT x-content-type-options nosniff age 325473 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11816 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:46:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:49:51 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 fonts.gstatic.com/s/oswald/v53/	21 KB 21 KB	53ms 27ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:29:04 GMT x-content-type-options nosniff age 326720 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21444 x-xss-protection 0 last-modified Tue, 15 Aug 2023 18:38:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:29:04 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2 fonts.gstatic.com/s/oswald/v53/	18 KB 18 KB	42ms 16ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2af879c9d863ff503ebd89ef251c9d8caa2c8063f097c29e31856e27aca2630 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:41:28 GMT x-content-type-options nosniff age 325976 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18716 x-xss-protection 0 last-modified Tue, 15 Aug 2023 18:23:36 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:41:28 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2 fonts.gstatic.com/s/oswald/v53/	6 KB 6 KB	63ms 38ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31d66284204ab36bfd0b97ed55fcf8e4bbceafa0a8bd46b71f64db8d0ef9d500 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:41:28 GMT x-content-type-options nosniff age 325976 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6224 x-xss-protection 0 last-modified Tue, 15 Aug 2023 18:25:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:41:28 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	69ms 44ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:23:19 GMT x-content-type-options nosniff age 327065 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:23:19 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	16 KB 16 KB	56ms 31ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:45:45 GMT x-content-type-options nosniff age 325719 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16552 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:45:45 GMT
GET H2	200	ea8ZadcqV_zkHY-XBdet9g.woff2 fonts.gstatic.com/s/pattaya/v16/	28 KB 28 KB	63ms 39ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/pattaya/v16/ea8ZadcqV_zkHY-XBdet9g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 07ae66cd91994d29ae66282aaed320f98b5ad25e7cc16e3a9cdc08f7d5a87b0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:29:24 GMT x-content-type-options nosniff age 326700 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28844 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:59:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:29:24 GMT
GET H2	200	ea8ZadcqV_zkHY-XBdmt9lZE.woff2 fonts.gstatic.com/s/pattaya/v16/	27 KB 27 KB	66ms 42ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/pattaya/v16/ea8ZadcqV_zkHY-XBdmt9lZE.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d3fe174511da3df6ec25fb8ec526f1af2a2a3fbf46000651d6aa4d18504ae559 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 09 Jun 2024 02:30:37 GMT x-content-type-options nosniff age 283427 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27860 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:57:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 09 Jun 2025 02:30:37 GMT
GET H2	200	ea8ZadcqV_zkHY-XBdit9lZE.woff2 fonts.gstatic.com/s/pattaya/v16/	13 KB 13 KB	57ms 33ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/pattaya/v16/ea8ZadcqV_zkHY-XBdit9lZE.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8ca99dcbce76881efc601085635a77c1681b279702e7f3bac2d6687ce8363476 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 22:52:12 GMT x-content-type-options nosniff age 296532 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13416 x-xss-protection 0 last-modified Thu, 24 Aug 2023 17:57:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 22:52:12 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	35 KB 35 KB	51ms 27ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:37:20 GMT x-content-type-options nosniff age 326224 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35328 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:00:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:37:20 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	42ms 18ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:23:25 GMT x-content-type-options nosniff age 327059 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:23:25 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 6 KB	57ms 34ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:31:44 GMT x-content-type-options nosniff age 326560 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5548 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:31:44 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	35ms 11ms	Font font/woff2	2404:6800:4003:c1c::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Pattaya&family=Oswald:wght@400;700&family=Muli:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://qc8.duocphamviethoang.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 08 Jun 2024 14:34:38 GMT x-content-type-options nosniff age 326386 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11824 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Jun 2025 14:34:38 GMT
OPTIONS H2	200	event a.ladipage.com/	0 0	45ms 4ms	Preflight application/json	54.255.71.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.255.71.117 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-255-71-117.ap-southeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view Access-Control-Request-Method POST Origin https://qc8.duocphamviethoang.click Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-allow-methods POST, OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type application/json; charset=utf-8 date Wed, 12 Jun 2024 09:14:23 GMT vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	ladipage.formdata.min.js Show response w.ladicdn.com/v4/source/	59 KB 16 KB	78ms 63ms	Script text/javascript	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v4/source/ladipage.formdata.min.js?v=1717570019324 Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1717570019324 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 4d3c47b4ec644279885705abd974a871894bad75fde6ce990e6b27310f7251a1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 11 Jun 2024 07:40:18 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 92045 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id MjjCjVITOZEdTNlkeON8dsQJ1QIFMo71GzQSfy4_fP06mrnCTtd-bg== expires Wed, 11 Jun 2025 07:40:18 GMT
GET H2	200	6013695ec1b48f0011066a28.json Show response g.ladicdn.com/dataset/	5 KB 2 KB	63ms 30ms	XHR text/plain	54.179.173.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ladicdn.com/dataset/6013695ec1b48f0011066a28.json?id=627f65459c91b40021ce6f03 Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1717570019324 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.179.173.60 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-179-173-60.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash f7f0fe1c1e5aea5200ee469cec39706f0ee6cff3636edb0c1b266513dee2d911 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 09:14:23 GMT content-encoding gzip server openresty vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 statuscode 200
GET DATA	200 OK	truncated /	385 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	event Show response a.ladipage.com/	125 B 651 B	18ms 18ms	XHR text/plain	54.255.71.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1717570019324 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.255.71.117 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-255-71-117.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" LADI_CLIENT_ID 6d287bcc-f92a-4f01-731d-0b794afa2797 LADI_CAMP_ORIGIN_URL LADI_FORM_SUBMIT 0 LADI_CAMP_ID LADI_CAMP_FORM_SUBMIT 0 Accept-Language en-SG,en;q=0.9;q=0.9 LADI_CAMP_TYPE sec-ch-ua-platform "Win32" sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 LADI_CAMP_NAME Content-Type application/json Referer https://qc8.duocphamviethoang.click/ LADI_CAMP_TARGET_URL LADI_CAMP_PAGE_VIEW 0 LADI_PAGE_VIEW 1 Response headers date Wed, 12 Jun 2024 09:14:23 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-max-age 2592000 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily x-xss-protection 0
GET H2	200	6013695ec1b48f0011066a28-6577f275ea30ab006850de49.js Show response g.ladicdn.com/tracking/	2 KB 858 B	50ms 23ms	Script application/javascript	54.179.173.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ladicdn.com/tracking/6013695ec1b48f0011066a28-6577f275ea30ab006850de49.js?v=1718183663991 Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1717570019324 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.179.173.60 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-179-173-60.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash 391ea1cab8c37a84d1b000cd18edaff61e9da4a100260609fe0f9f18dce33f3b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 09:14:24 GMT content-encoding gzip last-modified Tue, 12 Dec 2023 08:20:45 GMT server openresty vary Accept-Encoding content-type application/javascript access-control-allow-origin * statuscode 200
GET H2	200	6910702498998026 Show response connect.facebook.net/signals/config/	59 KB 12 KB	853ms 849ms	Script application/x-javascript	2a03:2880:f00c:10d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/6910702498998026?v=2.9.157&r=stable&domain=qc8.duocphamviethoang.click&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00c:10d:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ddf63cde69803810b3c6c9bebba2b02b6f28c2aa5593c72bf91185d1bf90e686 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 12 Jun 2024 09:14:24 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=64, mss=1297, tbw=63460, tp=-1, tpl=-1, uplat=841, ullat=0 pragma public x-fb-debug hLt5hTJ1VqcBh07+jvwNIlyTNMFrRxkZNQEn+lIaVOyDDu+vq7ZVA4arFSxbtDGrPURXyU5RmR8G+Ds63ALlUQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	232 KB 83 KB	17ms 16ms	Script application/javascript	2404:6800:4003:c02::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-11157949488&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKBQTFG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::61 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 09dc2f1f1c6e485884b5e341a70b46a6b7ed23aba7a0f8173699726ad54eceb1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 09:14:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85252 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 12 Jun 2024 09:14:24 GMT
GET H2	200	main.MWQ2ZTRjZDY4MA.js Show response analytics.tiktok.com/i18n/pixel/static/	344 KB 100 KB	9ms 9ms	Script application/javascript	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ZTRjZDY4MA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNFKLFJC77UD9DAM13I0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash df07ca7f0683b1a6c516c767fa1febefb650ff29d58f96191ed89ce962458588 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 629488a date Wed, 12 Jun 2024 09:14:24 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202406111619309560C3CE4305B7614D0C x-tt-trace-id 00-2406111619309560C3CE4305B7614D0C-25CDDA88AD915012-00 vary Accept-Encoding x-cache TCP_HIT from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 0114138900f509ed16e86417e1ade961855dfad7d902b87b6e99904546040fa9c45e0e663e6661db1b051b4e6d7703bbfd137a8cc696be493779b975f83dca30c9b6408a3fc573697964f2cfb4fc04e66ae4fe96aa3947c4334be0bce60cec81a9 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16 content-length 101805
GET H2	200	main.MWQ2ZTRjZDY4MQ.js Show response analytics.tiktok.com/i18n/pixel/static/	349 KB 102 KB	19ms 19ms	Script application/javascript	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ZTRjZDY4MQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP47R7BC77U2JRJDBUKG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash da3f3550c7401e92c424c1846539bc5a8ab0f1bcbc638fe5b7d1159a0ce30f3b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 6294899 date Wed, 12 Jun 2024 09:14:24 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20240611161933947637B3998DB14E5012 x-tt-trace-id 00-240611161933947637B3998DB14E5012-2557DDEFA031DCDE-00 vary Accept-Encoding x-cache TCP_HIT from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 0175db58c14797dfe35860f3dd813cd294234f12c12c336c7edfc9ffa450fa780d434a5b6b37440d6763a22508c848c7fdcc14b7b5a9fdbff10c116551e554e0a5b362a377e04112b86db2c9c5f65f213d867a42ff37413ce3023af188610d514b server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3 content-length 103432
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11157949488/	4 KB 1 KB	31ms 12ms	Script text/javascript	74.125.200.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11157949488/?random=1718183664200&cv=11&fst=1718183664200&bg=ffffff&guid=ON&async=1&gtm=45be46a0v9127055094z89118590435za201zb9118590435&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&hn=www.googleadservices.com&frm=0&tiba=Cao%20Vi%E1%BB%87t%20Ho%C3%A0ng%20Ch%C3%ADnh%20H%C3%A3ng%20%7C%20TS.%20BS%20CKII%20Ph%E1%BA%A1m%20Vi%E1%BB%87t%20Ho%C3%A0ng%20%7C%20Tr%E1%BB%8B%20B%E1%BB%87nh%20D%E1%BA%A1%20D%C3%A0y&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-11157949488&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.200.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f156.1e100.net Software cafe / Resource Hash 1c077f62f9a5d279f34f72448a3160e037226c33fb60d6d9210f76c5214f6f34 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 12 Jun 2024 09:14:24 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1492 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	identify_ce1d8843.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 40 KB	10ms 9ms	Script application/javascript	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ZTRjZDY4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 629492c date Wed, 12 Jun 2024 09:14:24 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202405210637027AB70C45ABA9B4197435 x-tt-trace-id 00-2405210637027AB70C45ABA9B4197435-7AC94BA2A4A87025-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01a56512e9e3b1f1aefe41328baed3a8b5d4e143e491fa62f0c9d9ae4656f20f6ee335157eb4ed9ed8205d34bcc56f6f976864ec88a70eb351232d785f78b5146bc5230d066d3e36adfc84aca0c6a5094fdb3ee5ee957c08ff0593100d0f50783e server-timing cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=5 content-length 39856
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 844 B	281ms 279ms	Ping text/plain	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ZTRjZDY4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 92f0119.6294962 date Wed, 12 Jun 2024 09:14:24 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24061209142462963A64BE893CB7FC84-2EEF73B70730A83F-00 x-cache TCP_MISS from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 237,23.52.171.230 server-timing cdn-cache; desc=MISS, edge; dur=221, origin; dur=25, inner; dur=22 content-length 0 pragma no-cache server nginx x-tt-logid 2024061209142462963A64BE893CB7FC84 x-cache-remote TCP_MISS from a23-201-31-167.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 25,23.201.31.167 x-tt-trace-host 014cfb988ab6478c2d23d32ce460d56edc724e7cdd82432e368b2e99eae363fb0b69a5a9568e477346511b4ccd8bb8792fb6b752440bbe06a044b09f8466d02f2d53d15700453951c6d44df04e203a76c200893a41f4ddf37a732bcdb581f9c699c91cedde0a705772aa5107895076a1f7 access-control-allow-headers Authorization,* expires Wed, 12 Jun 2024 09:14:24 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 843 B	280ms 279ms	Ping text/plain	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ZTRjZDY4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 5753a7d5.6294963 date Wed, 12 Jun 2024 09:14:24 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24061209142485564E871453C99661F8-6E9EE4C5B6CB74EE-00 x-cache TCP_MISS from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 250,23.52.171.230 server-timing cdn-cache; desc=MISS, edge; dur=231, origin; dur=28, inner; dur=25 content-length 0 pragma no-cache server nginx x-tt-logid 2024061209142485564E871453C99661F8 x-cache-remote TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 28,23.48.100.103 x-tt-trace-host 014cfb988ab6478c2d23d32ce460d56edc724e7cdd82432e368b2e99eae363fb0bc0836140561b3984c51e857e6392ee0fd40cdfe726ed44314ffed7a67161f33d27846521e681b80e46e8aec8c825cbb0fb30ad7292fa449a67921f7d24247408062e30e562e80ceea21cbaa4e24c592f access-control-allow-headers Authorization,* expires Wed, 12 Jun 2024 09:14:24 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 845 B	258ms 258ms	Ping text/plain	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ZTRjZDY4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id f273026.6294964 date Wed, 12 Jun 2024 09:14:24 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2406120914244FFCE94321DE63A679EA-50B67CDBEB36E36E-00 x-cache TCP_MISS from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) x-parent-response-time 233,23.52.171.230 server-timing cdn-cache; desc=MISS, edge; dur=217, origin; dur=25, inner; dur=22 content-length 0 pragma no-cache server nginx x-tt-logid 202406120914244FFCE94321DE63A679EA x-cache-remote TCP_MISS from a23-201-31-164.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 26,23.201.31.164 x-tt-trace-host 014cfb988ab6478c2d23d32ce460d56edc724e7cdd82432e368b2e99eae363fb0b51faed579fd5390931d020253af5cda10a93efc4fc4997a063807c013d061e32b6ab78856c89962eb09b93fe6e4a48ddbda593be11af7f8b2e8ff57f31ec3bed99cc69ce009c397d94f78ad985429d3b access-control-allow-headers Authorization,* expires Wed, 12 Jun 2024 09:14:24 GMT
GET H2	200	events Show response log.adtimaserver.vn/ptrck/	296 B 443 B	163ms 69ms	XHR application/json	120.138.69.212 VINAGAME-AS-VN VN...
General Check archive.org Show headers Download Go to Full URL https://log.adtimaserver.vn/ptrck/events?pixelId=7056840457216708608&url=https%3A%2F%2Fqc8.duocphamviethoang.click%2F Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ZTRjZDY4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.138.69.212 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN), Reverse DNS ptr.vng.vn Software za-ngx-srv / Resource Hash d8540612169c11ca559d1eabb03ce411851d49ac969cfa41db106d048b5f090d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 12 Jun 2024 09:14:24 GMT access-control-expose-headers X-sessionId,token server za-ngx-srv content-length 296 content-type application/json;charset=utf-8
GET H2	200	tracklp log.adtimaserver.vn/	8 B 141 B	145ms 51ms	Image text/html	120.138.69.212 VINAGAME-AS-VN VN...
General Check archive.org Show headers Download Go to Show image Full URL https://log.adtimaserver.vn/tracklp?type=pageview&pId=7056840457216708608&adtid=null&curl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&uid=&ver=1.1.29&ref=&dur=1&atmrk=0.7538492574177247 Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 120.138.69.212 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN), Reverse DNS ptr.vng.vn Software za-ngx-srv / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Wed, 12 Jun 2024 09:14:24 GMT access-control-allow-credentials true server za-ngx-srv content-length 8 content-type text/html;charset=utf-8
GET H3	200	/ www.google.com/pagead/1p-user-list/11157949488/	42 B 64 B	65ms 13ms	Image image/gif	74.125.130.105 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11157949488/?random=1718183664200&cv=11&fst=1718182800000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v9127055094z89118590435za201zb9118590435&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&hn=www.googleadservices.com&frm=0&tiba=Cao%20Vi%E1%BB%87t%20Ho%C3%A0ng%20Ch%C3%ADnh%20H%C3%A3ng%20%7C%20TS.%20BS%20CKII%20Ph%E1%BA%A1m%20Vi%E1%BB%87t%20Ho%C3%A0ng%20%7C%20Tr%E1%BB%8B%20B%E1%BB%87nh%20D%E1%BA%A1%20D%C3%A0y&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLjsj-ZYWTXAA7m1eVOr8lycKOkT2nEw&random=185972026&rmt_tld=0&ipr=y Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.130.105 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f105.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 12 Jun 2024 09:14:24 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.co.id/pagead/1p-user-list/11157949488/	42 B 64 B	49ms 9ms	Image image/gif	74.125.130.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.id/pagead/1p-user-list/11157949488/?random=1718183664200&cv=11&fst=1718182800000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v9127055094z89118590435za201zb9118590435&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&hn=www.googleadservices.com&frm=0&tiba=Cao%20Vi%E1%BB%87t%20Ho%C3%A0ng%20Ch%C3%ADnh%20H%C3%A3ng%20%7C%20TS.%20BS%20CKII%20Ph%E1%BA%A1m%20Vi%E1%BB%87t%20Ho%C3%A0ng%20%7C%20Tr%E1%BB%8B%20B%E1%BB%87nh%20D%E1%BA%A1%20D%C3%A0y&npa=0&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLjsj-ZYWTXAA7m1eVOr8lycKOkT2nEw&random=185972026&rmt_tld=1&ipr=y Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.130.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 12 Jun 2024 09:14:24 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 702 B	288ms 288ms	Ping text/plain	23.52.171.234 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ZTRjZDY4MQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.52.171.234 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-171-234.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 6294b35 date Wed, 12 Jun 2024 09:14:24 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24061209142471917F722023CCA7D22C-48CF4C27996424FF-00 x-cache TCP_MISS from a23-52-171-230.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=28, cdn-cache; desc=MISS, edge; dur=14, origin; dur=266 content-length 0 pragma no-cache server nginx x-tt-logid 2024061209142471917F722023CCA7D22C access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 266,23.52.171.230 x-tt-trace-host 014cfb988ab6478c2d23d32ce460d56edc89c51cfb9fb29338e741acf5ae5d8ee659b3c31eb8a0426c9065c82f9d373927836b444c4317eab8c1002f091be2e491e72445fc7b760521669814d62e444ca9845cf6fec9300022aa944d454e2eb933 access-control-allow-headers Authorization,* expires Wed, 12 Jun 2024 09:14:24 GMT
GET H3	200	1294546721225852 Show response connect.facebook.net/signals/config/	32 KB 5 KB	268ms 267ms	Script application/x-javascript	157.240.15.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1294546721225852?v=2.9.157&r=stable&domain=qc8.duocphamviethoang.click&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C134%2C127%2C115 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.15.13 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-03-sin6.fbcdn.net Software / Resource Hash f21e5b1122deb87373332f166e11cab475b98201dc82f6b4c3f6c1e243be31fa Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Wed, 12 Jun 2024 09:14:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4319, tp=9, tpl=0, uplat=242, ullat=0 pragma public x-fb-debug lwIseAx8H3l6ihMzQ6eQud1gCbhlAmZ4xYly1j2lwWcG13y3RjOn2R5ZX4z+up1SHFq4elGxmsSQF03GoBcGeQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 102 B	68ms 8ms	Image text/plain	2a03:2880:f10c:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=6910702498998026&ev=PageView&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664905&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=GET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f10c:181:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3158, tp=-1, tpl=-1, uplat=2, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Wed, 12 Jun 2024 09:14:24 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET		/ www.facebook.com/login/ Redirect Chain https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6910702498998026&ev=PageView&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664905&sw=1600&sh=1200&v=2.9.... https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fqc8.duocpham...	0 0
GET H2	200	/ www.facebook.com/tr/	0 32 B	67ms 8ms	Image text/plain	2a03:2880:f10c:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=6910702498998026&ev=ViewContent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664907&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=GET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f10c:181:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3158, tp=-1, tpl=-1, uplat=2, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Wed, 12 Jun 2024 09:14:24 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET		/ www.facebook.com/login/ Redirect Chain https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6910702498998026&ev=ViewContent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664907&sw=1600&sh=1200&v=2... https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DViewContent%26dl%3Dhttps%253A%252F%252Fqc8.duocp...	0 0
GET H2	200	/ www.facebook.com/tr/	0 273 B	65ms 7ms	Image text/plain	2a03:2880:f10c:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=6910702498998026&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664908&sw=1600&sh=1200&v=2.9.157&r=stable&ec=2&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=GET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f10c:181:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2872, tp=-1, tpl=-1, uplat=3, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Wed, 12 Jun 2024 09:14:24 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET		/ www.facebook.com/login/ Redirect Chain https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6910702498998026&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183664908&sw=1600&... https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DScrollDepth_25_percent%26dl%3Dhttps%253A%252F%25...	0 0
GET H3	200	/ www.facebook.com/tr/	0 19 B	5ms 4ms	Image text/plain	157.240.15.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1294546721225852&ev=PageView&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183665241&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&cs_est=true&it=1718183664017&coo=false&rqm=GET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-03-sin6.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4653, tp=12, tpl=0, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Wed, 12 Jun 2024 09:14:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 194 B	280ms 278ms	Image image/png	157.240.15.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1294546721225852&ev=PageView&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183665241&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&cs_est=true&it=1718183664017&coo=false&rqm=FGET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-03-sin6.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb88b64b11f42c226","source_keys":["1","2"]},{"key_piece":"0xaab6c3960a4f08c5","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Wed, 12 Jun 2024 09:14:25 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=24, mss=1232, tbw=9220, tp=25, tpl=0, uplat=274, ullat=0 pragma no-cache x-fb-debug sNNhITI6jsh9Y7zpYUvXKSy7Pn0yMh1ULClLsNioXEfPCOhf9+Uq4zUzZ6XztA06Nc592oaS1hiFb4CdC9dulw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	0 16 B	7ms 6ms	Image text/plain	157.240.15.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=6910702498998026&ev=ViewContent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183665242&sw=1600&sh=1200&v=2.9.157&r=stable&ec=3&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=GET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-03-sin6.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=5101, tp=16, tpl=0, uplat=2, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Wed, 12 Jun 2024 09:14:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 197 B	287ms 286ms	Image image/png	157.240.15.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6910702498998026&ev=ViewContent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183665242&sw=1600&sh=1200&v=2.9.157&r=stable&ec=3&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=FGET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-03-sin6.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa301df9aa5f10314","source_keys":["1","2"]},{"key_piece":"0x5b9bbf68a03a608b","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Wed, 12 Jun 2024 09:14:25 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=4, rtx=0, c=27, mss=1232, tbw=9716, tp=26, tpl=0, uplat=282, ullat=1 pragma no-cache x-fb-debug kREsVTG7XDJBk3mLnc6pYcqrWMAxrQDhL6kPUw9B+1eX/EgQsS+/Ak1sCOyrALqX2q+ODZEdGSJeKyXEPeDBQg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	0 16 B	8ms 7ms	Image text/plain	157.240.15.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1294546721225852&ev=ViewContent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183665243&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=GET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-03-sin6.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=5293, tp=18, tpl=0, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Wed, 12 Jun 2024 09:14:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 198 B	277ms 276ms	Image image/png	157.240.15.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1294546721225852&ev=ViewContent&dl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&rl=&if=false&ts=1718183665243&sw=1600&sh=1200&v=2.9.157&r=stable&ec=1&o=4126&fbp=fb.1.1718183664902.54676373291475542&ler=empty&cdl=API_unavailable&it=1718183664017&coo=false&rqm=FGET Requested by Host: qc8.duocphamviethoang.click URL: https://qc8.duocphamviethoang.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.15.35 Singapore, Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-03-sin6.facebook.com Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://qc8.duocphamviethoang.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x12708ded9ee09de5","source_keys":["1","2"]},{"key_piece":"0xa34fff62b7be0e98","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Wed, 12 Jun 2024 09:14:25 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=24, mss=1232, tbw=5556, tp=22, tpl=0, uplat=270, ullat=0 pragma no-cache x-fb-debug WoyrLIP6Z7WRIJvQNuJZ8qaP9TSXBToEEnc1hbubVPhkzcxg3JMF255bF1JXby/gscgqD1VKQGDRjOarTWrRDA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET		log log.adtimaserver.vn/ptrck/	0 0
GET H2	200	z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg w.ladicdn.com/6013695ec1b48f0011066a28/ Redirect Chain https://static.ladipage.net/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg https://w.ladicdn.com/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg	63 KB 58 KB	7ms 7ms	Other image/jpeg	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg Protocol H2 Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash d8e5e4ef3487202a98ae7d60d343590d1002dcd7cb30f089c299cd69723c02b6 Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Referer https://qc8.duocphamviethoang.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Sat, 03 Feb 2024 08:08:42 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 11235943 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id CdQFX4euScIV45HSKknGh3ekT8T2qIpgOQ3AaGYPoUGGxia11WOPMw== expires Sun, 02 Feb 2025 08:08:42 GMT Redirect headers location https://w.ladicdn.com:443/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg date Wed, 12 Jun 2024 09:14:25 GMT server awselb/2.0 content-length 134 content-type text/html
GET H2	200	z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg w.ladicdn.com/6013695ec1b48f0011066a28/ Redirect Chain https://static.ladipage.net/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg https://w.ladicdn.com/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg	63 KB 0	0ms 0ms	Other image/jpeg	2600:9000:223b:8800:11:52e1:b680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg Protocol H2 Server 2600:9000:223b:8800:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash d8e5e4ef3487202a98ae7d60d343590d1002dcd7cb30f089c299cd69723c02b6 Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Referer https://qc8.duocphamviethoang.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Sat, 03 Feb 2024 08:08:42 GMT content-encoding gzip via 1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 11235943 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id CdQFX4euScIV45HSKknGh3ekT8T2qIpgOQ3AaGYPoUGGxia11WOPMw== expires Sun, 02 Feb 2025 08:08:42 GMT Redirect headers location https://w.ladicdn.com:443/6013695ec1b48f0011066a28/z4632491344364_77715aa2adf7e090b085c024b5b3eb11-20231014034731-ov-3a.jpg date Wed, 12 Jun 2024 09:14:25 GMT server awselb/2.0 content-length 134 content-type text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.facebook.com

URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fqc8.duocphamviethoang.click%252F%26rl%26if%3Dfalse%26ts%3D1718183664905%26sw%3D1600%26sh%3D1200%26v%3D2.9.157%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1718183664902.54676373291475542%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1718183664017%26coo%3Dfalse%26rqm%3DFGET

Domain

www.facebook.com

URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DViewContent%26dl%3Dhttps%253A%252F%252Fqc8.duocphamviethoang.click%252F%26rl%26if%3Dfalse%26ts%3D1718183664907%26sw%3D1600%26sh%3D1200%26v%3D2.9.157%26r%3Dstable%26ec%3D1%26o%3D4126%26fbp%3Dfb.1.1718183664902.54676373291475542%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1718183664017%26coo%3Dfalse%26rqm%3DFGET

Domain

www.facebook.com

URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D6910702498998026%26ev%3DScrollDepth_25_percent%26dl%3Dhttps%253A%252F%252Fqc8.duocphamviethoang.click%252F%26rl%26if%3Dfalse%26ts%3D1718183664908%26sw%3D1600%26sh%3D1200%26v%3D2.9.157%26r%3Dstable%26ec%3D2%26o%3D4126%26fbp%3Dfb.1.1718183664902.54676373291475542%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1718183664017%26coo%3Dfalse%26rqm%3DFGET

Domain

log.adtimaserver.vn

URL

https://log.adtimaserver.vn/ptrck/log?pId=7056840457216708608&eId=1393893465614933723&et=3&url=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&value=&adtid=null&curl=https%3A%2F%2Fqc8.duocphamviethoang.click%2F&uid=&ver=1.1.29&ref=&estd=ViewContent&atmrk=0.8571730267478217