urlscan.io logo urlscan.io
SecurityTrails logo

ctycungunglaodong.business.site Open in urlscan Pro
2a00:1450:4001:829::200e  Public Scan

Go To Rescan Add Verdict Report
URL: https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Submission: On December 05 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 21 HTTP transactions. The main IP is 2a00:1450:4001:829::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is ctycungunglaodong.business.site.
TLS certificate: Issued by GTS CA 1C3 on November 1st 2021. Valid for: 3 months.
This is the only time ctycungunglaodong.business.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ctycungunglaodong.business.site
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:17::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r2---sn-4g5ednde.googlevideo.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
Domain Requested by
6 fonts.gstatic.com ctycungunglaodong.business.site
fonts.googleapis.com
5 www.gstatic.com ctycungunglaodong.business.site
www.gstatic.com
4 ctycungunglaodong.business.site ctycungunglaodong.business.site
www.gstatic.com
2 www.google-analytics.com www.gstatic.com
www.google-analytics.com
2 r2---sn-4g5ednde.googlevideo.com 1 redirects ctycungunglaodong.business.site
1 play.google.com www.gstatic.com
1 stats.g.doubleclick.net www.google-analytics.com
1 lh3.googleusercontent.com 1 redirects
1 fonts.googleapis.com ctycungunglaodong.business.site
21 9

This site contains links to these domains. Also see Links.

Domain
vlam.vn
www.google.com
support.google.com
Subject Issuer Validity Valid
*.business.site
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Frame ID: 1AF49ACAAB1F6CD12957C11FF32B2DC3
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cung ứng lao động Đồng Nai, TpHCM, Bình Dương

Page Statistics

21
Requests

95 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

479 kB
Transfer

6441 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://lh3.googleusercontent.com/p/AF1QipMGaGBr5VndXFapJLlFtGfYRaH1iA9ODjcPU-mT=mm,37,22,18 HTTP 302
  • https://r2---sn-4g5ednde.googlevideo.com/videoplayback?expire=1638720504&ei=2MesYe7KEZmrx_AP_IW4sAk&ip=2a01:4f8:a1:1a1:89::1&id=a963ae40c357492e&itag=37&source=picasa&begin=0&requiressl=yes&mh=FD&mm=32&mn=sn-4g5ednde&ms=su&mv=u&mvi=2&pl=48&sc=yes&susc=ph&app=fife&ic=0&eaua=naoDKE2g2nI&mime=video/mp4&vprv=1&prv=1&cnr=14&dur=53.313&lmt=1638682693954625&mt=1638712658&sparams=expire,ei,ip,id,itag,source,requiressl,susc,app,ic,eaua,mime,vprv,prv,cnr,dur,lmt&sig=AOq0QJ8wRgIhALubzqneEMHNjCaET96xqgLOzCCbPW0kM06hKXPmxsZ8AiEAgetkQ9oj3GZdoKn_ewEnfdLuMC_5CBumplAbBYDu2jU=&lsparams=mh,mm,mn,ms,mv,mvi,pl,sc&lsig=AG3C_xAwRAIgLIevn1hd4AgfGHL2-m2tdVZNf2FfuzbZ-n2X9MKAoV8CIFGVeQx65QBx03jZ9czRWrNOZIFsqWYKyypxYk0XBgW8 HTTP 302
  • https://r2---sn-4g5ednde.googlevideo.com/videoplayback?expire=1638720504&ei=2MesYe7KEZmrx_AP_IW4sAk&ip=2a01:4f8:a1:1a1:89::1&id=a963ae40c357492e&itag=37&source=picasa&begin=0&requiressl=yes&sc=yes&susc=ph&app=fife&ic=0&eaua=naoDKE2g2nI&mime=video/mp4&vprv=1&prv=1&cnr=14&dur=53.313&lmt=1638682693954625&sparams=expire,ei,ip,id,itag,source,requiressl,susc,app,ic,eaua,mime,vprv,prv,cnr,dur,lmt&sig=AOq0QJ8wRgIhALubzqneEMHNjCaET96xqgLOzCCbPW0kM06hKXPmxsZ8AiEAgetkQ9oj3GZdoKn_ewEnfdLuMC_5CBumplAbBYDu2jU=&redirect_counter=1&cm2rm=sn-4g5erl7l&req_id=aef60fc5666536e2&cms_redirect=yes&mh=FD&mm=34&mn=sn-4g5ednde&ms=ltu&mt=1638712768&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl,sc&lsig=AG3C_xAwRQIgRBBvVfJFx5pOkYgwTowr17t7xpIATPBlM6vCr_ehWE4CIQDIZzXI5-o4cBECWWg2ZiZmk9k4_UqpMBjnld6x-myi-g%3D%3D

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8238432009502505822
ctycungunglaodong.business.site/posts/ 		143 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2236716c7aa644e995ed777c853f03cd203426b14814693ab3cafd86beb3513
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QZhwVfj6Gt7eq1/E6W8OyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'nonce-QZhwVfj6Gt7eq1/E6W8OyQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 05 Dec 2021 14:08:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-QZhwVfj6Gt7eq1/E6W8OyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'nonce-QZhwVfj6Gt7eq1/E6W8OyQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
cross-origin-resource-policy
same-site
cross-origin-opener-policy
unsafe-none
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cspreport
ctycungunglaodong.business.site/_/GeoMerchantPrestoSiteUi/ 		0
517 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ctycungunglaodong.business.site/_/GeoMerchantPrestoSiteUi/cspreport
Requested by
Host: ctycungunglaodong.business.site
URL: https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HCrBGfKsEmeUoBIEHXjCYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self', script-src 'nonce-HCrBGfKsEmeUoBIEHXjCYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 05 Dec 2021 14:08:24 GMT
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-HCrBGfKsEmeUoBIEHXjCYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self', script-src 'nonce-HCrBGfKsEmeUoBIEHXjCYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cspreport
ctycungunglaodong.business.site/_/GeoMerchantPrestoSiteUi/ 		0
462 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ctycungunglaodong.business.site/_/GeoMerchantPrestoSiteUi/cspreport
Requested by
Host: ctycungunglaodong.business.site
URL: https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9rl9wOWuyqfrE8Sh5NiMPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self', script-src 'nonce-9rl9wOWuyqfrE8Sh5NiMPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 05 Dec 2021 14:08:24 GMT
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-9rl9wOWuyqfrE8Sh5NiMPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self', script-src 'nonce-9rl9wOWuyqfrE8Sh5NiMPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/am=DgIBAAEAAg/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/esmo=1/rs=AD4das0FxJRTxrhQ-8R_Z5mTl0mEtFpabg/ 		173 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/am=DgIBAAEAAg/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/esmo=1/rs=AD4das0FxJRTxrhQ-8R_Z5mTl0mEtFpabg/m=_b,_tp
Requested by
Host: ctycungunglaodong.business.site
URL: https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ccef126179c5ac62c657d04886722895add6b72ff3ac3a999daac41df4e4d88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ctycungunglaodong.business.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 14:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62232
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 22:09:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/geo-boq-js-css-signers"
expires
Mon, 05 Dec 2022 14:08:24 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville:700|Open+Sans:400
Requested by
Host: ctycungunglaodong.business.site
URL: https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c47a2613cd1ad301ae032efbd63658e3988ae43244a352b125ff553f99aa5970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ctycungunglaodong.business.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 14:02:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 05 Dec 2021 14:08:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Dec 2021 14:08:24 GMT
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v109/ 		142 KB
142 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconsextended/v109/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
Requested by
Host: ctycungunglaodong.business.site
URL: https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885e2be527e74dd8cbc26f3832b6b96618a7cd25ff7560d26fb8607bfec95dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ctycungunglaodong.business.site/
Origin
https://ctycungunglaodong.business.site
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:49:25 GMT
x-content-type-options
nosniff
age
339539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145308
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:06:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:49:25 GMT
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v9/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v9/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:700|Open+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ca57650e9d1881e382bd324039937317b18e44fd5fadab6d09018d426a2622a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ctycungunglaodong.business.site
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 06:30:29 GMT
x-content-type-options
nosniff
age
200275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27932
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 06:30:29 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:700|Open+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ctycungunglaodong.business.site
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 06:37:09 GMT
x-content-type-options
nosniff
age
199875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 06:37:09 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v27/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:700|Open+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41eca038a89407c0b40c67b7140642ab8994df016e11179016278bd7ad76564c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ctycungunglaodong.business.site
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 06:30:25 GMT
x-content-type-options
nosniff
age
200279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:41 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 06:30:25 GMT
kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY5KcCsww.woff2
fonts.gstatic.com/s/librebaskerville/v9/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librebaskerville/v9/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY5KcCsww.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:700|Open+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6091cb2703ba8f60c59a9afb06a4986c4bf29ece1bf186e0ec494eceb75e5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ctycungunglaodong.business.site
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:47:18 GMT
x-content-type-options
nosniff
age
339666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19960
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:32 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:47:18 GMT
videoplayback
r2---sn-4g5ednde.googlevideo.com/
Redirect Chain
  • https://lh3.googleusercontent.com/p/AF1QipMGaGBr5VndXFapJLlFtGfYRaH1iA9ODjcPU-mT=mm,37,22,18
  • https://r2---sn-4g5ednde.googlevideo.com/videoplayback?expire=1638720504&ei=2MesYe7KEZmrx_AP_IW4sAk&ip=2a01:4f8:a1:1a1:89::1&id=a963ae40c357492e&itag=37&source=picasa&begin=0&requiressl=yes&mh=FD&m...
  • https://r2---sn-4g5ednde.googlevideo.com/videoplayback?expire=1638720504&ei=2MesYe7KEZmrx_AP_IW4sAk&ip=2a01:4f8:a1:1a1:89::1&id=a963ae40c357492e&itag=37&source=picasa&begin=0&requiressl=yes&sc=yes&...
5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5ednde.googlevideo.com/videoplayback?expire=1638720504&ei=2MesYe7KEZmrx_AP_IW4sAk&ip=2a01:4f8:a1:1a1:89::1&id=a963ae40c357492e&itag=37&source=picasa&begin=0&requiressl=yes&sc=yes&susc=ph&app=fife&ic=0&eaua=naoDKE2g2nI&mime=video/mp4&vprv=1&prv=1&cnr=14&dur=53.313&lmt=1638682693954625&sparams=expire,ei,ip,id,itag,source,requiressl,susc,app,ic,eaua,mime,vprv,prv,cnr,dur,lmt&sig=AOq0QJ8wRgIhALubzqneEMHNjCaET96xqgLOzCCbPW0kM06hKXPmxsZ8AiEAgetkQ9oj3GZdoKn_ewEnfdLuMC_5CBumplAbBYDu2jU=&redirect_counter=1&cm2rm=sn-4g5erl7l&req_id=aef60fc5666536e2&cms_redirect=yes&mh=FD&mm=34&mn=sn-4g5ednde&ms=ltu&mt=1638712768&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl,sc&lsig=AG3C_xAwRQIgRBBvVfJFx5pOkYgwTowr17t7xpIATPBlM6vCr_ehWE4CIQDIZzXI5-o4cBECWWg2ZiZmk9k4_UqpMBjnld6x-myi-g%3D%3D
Requested by
Host: ctycungunglaodong.business.site
URL: https://ctycungunglaodong.business.site/posts/8238432009502505822?hl=vi
Protocol
HTTP/1.1
Server
2a00:1450:4001:17::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ctycungunglaodong.business.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 05 Dec 2021 14:08:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 05 Dec 2021 05:38:13 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-16149939/16149940
Cache-Control
private, max-age=6900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
16149940
Expires
Sun, 05 Dec 2021 14:08:24 GMT

Redirect headers

Date
Sun, 05 Dec 2021 14:08:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r2---sn-4g5ednde.googlevideo.com/videoplayback?expire=1638720504&ei=2MesYe7KEZmrx_AP_IW4sAk&ip=2a01:4f8:a1:1a1:89::1&id=a963ae40c357492e&itag=37&source=picasa&begin=0&requiressl=yes&sc=yes&susc=ph&app=fife&ic=0&eaua=naoDKE2g2nI&mime=video/mp4&vprv=1&prv=1&cnr=14&dur=53.313&lmt=1638682693954625&sparams=expire,ei,ip,id,itag,source,requiressl,susc,app,ic,eaua,mime,vprv,prv,cnr,dur,lmt&sig=AOq0QJ8wRgIhALubzqneEMHNjCaET96xqgLOzCCbPW0kM06hKXPmxsZ8AiEAgetkQ9oj3GZdoKn_ewEnfdLuMC_5CBumplAbBYDu2jU=&redirect_counter=1&cm2rm=sn-4g5erl7l&req_id=aef60fc5666536e2&cms_redirect=yes&mh=FD&mm=34&mn=sn-4g5ednde&ms=ltu&mt=1638712768&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl,sc&lsig=AG3C_xAwRQIgRBBvVfJFx5pOkYgwTowr17t7xpIATPBlM6vCr_ehWE4CIQDIZzXI5-o4cBECWWg2ZiZmk9k4_UqpMBjnld6x-myi-g%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Sun, 05 Dec 2021 14:08:24 GMT
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=_b,_tp/excm=_b,_tp,localpostvie... 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=_b,_tp/excm=_b,_tp,localpostview/esmo=1/ed=1/wt=2/rs=AD4das0YREsftGajzm-8N8-ryXl-RAEa_Q/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;nAFL3:NTMZac;oGtAuc:sOXFj;NSEoX:lazG7b;yEQyxe:p8L0ob;iFQyKf:vfuNJf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/am=DgIBAAEAAg/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/esmo=1/rs=AD4das0FxJRTxrhQ-8R_Z5mTl0mEtFpabg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eeae6e14d695aeaf7e8e93cca9f0bcd2435a7608ada093e6c1ead50c05ab397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ctycungunglaodong.business.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 14:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13680
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 01:28:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/geo-boq-js-css-signers"
expires
Mon, 05 Dec 2022 14:08:24 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
fonts.gstatic.com/s/opensans/v27/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:700|Open+Sans:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e7e497b5072fd3b9282efb51fc006abf812732e576f7ee8643829f02ff5077f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ctycungunglaodong.business.site
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 23:27:04 GMT
x-content-type-options
nosniff
age
398480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7196
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 23:27:04 GMT
m=n73qwf,ws9Tlc,IZT63,e5qFLc,GkRiKb,vfuNJf,UUJqVe,O1Gjze,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,p8L0ob,O6y8ed,PrPYRd,MpJwZc,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,lfpdyf,hc6...
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/exc... 		229 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,localpostview/esmo=1/ed=1/wt=2/rs=AD4das0YREsftGajzm-8N8-ryXl-RAEa_Q/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;nAFL3:NTMZac;oGtAuc:sOXFj;NSEoX:lazG7b;yEQyxe:p8L0ob;iFQyKf:vfuNJf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=n73qwf,ws9Tlc,IZT63,e5qFLc,GkRiKb,vfuNJf,UUJqVe,O1Gjze,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,p8L0ob,O6y8ed,PrPYRd,MpJwZc,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,lfpdyf,hc6Ubd,lwddkf,gychg,w9hDv,RMhBfe,Ru0Pgb,SdcwHb,aW3pY,PQaYAf,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,vVO7Se,MdUzUe,xQtZb,lPKSwe,JNoxi,MI6k7c,kjKdXe,ZEa7Hd,yDVVkb,hKSk3e,zbML3c,Uas9Hd,BVgquf,KG2eXe,VwDzFe,A7fCU,pjICDe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/am=DgIBAAEAAg/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/esmo=1/rs=AD4das0FxJRTxrhQ-8R_Z5mTl0mEtFpabg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d23d251121a1965297171634be6f9409a9eb38d91f317879b75e7381b0e65a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ctycungunglaodong.business.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 14:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81640
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 01:28:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/geo-boq-js-css-signers"
expires
Mon, 05 Dec 2022 14:08:24 GMT
m=A4UTCb,JbzNG,fgj8Rb,EGNJFf,idXveb,iSvg6e,uY3Nvd,OVw3Zb
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=A7fCU,BVgquf,COQbmf,EFQ78c,GkRi... 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=A7fCU,BVgquf,COQbmf,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OmgaI,PQaYAf,PrPYRd,RMhBfe,Ru0Pgb,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,ZEa7Hd,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,p8L0ob,pjICDe,vVO7Se,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c/excm=_b,_tp,localpostview/esmo=1/ed=1/wt=2/rs=AD4das0YREsftGajzm-8N8-ryXl-RAEa_Q/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;nAFL3:NTMZac;oGtAuc:sOXFj;NSEoX:lazG7b;yEQyxe:p8L0ob;iFQyKf:vfuNJf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=A4UTCb,JbzNG,fgj8Rb,EGNJFf,idXveb,iSvg6e,uY3Nvd,OVw3Zb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/am=DgIBAAEAAg/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/esmo=1/rs=AD4das0FxJRTxrhQ-8R_Z5mTl0mEtFpabg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46428d7122989c2de893d7182fd0b457ff8ef257346a84c50335f8173b5e0ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ctycungunglaodong.business.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 14:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30742
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 01:28:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/geo-boq-js-css-signers"
expires
Mon, 05 Dec 2022 14:08:24 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,localpostview/esmo=1/ed=1/wt=2/rs=AD4das0YREsftGajzm-8N8-ryXl-RAEa_Q/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;nAFL3:NTMZac;oGtAuc:sOXFj;NSEoX:lazG7b;yEQyxe:p8L0ob;iFQyKf:vfuNJf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=n73qwf,ws9Tlc,IZT63,e5qFLc,GkRiKb,vfuNJf,UUJqVe,O1Gjze,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,p8L0ob,O6y8ed,PrPYRd,MpJwZc,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,lfpdyf,hc6Ubd,lwddkf,gychg,w9hDv,RMhBfe,Ru0Pgb,SdcwHb,aW3pY,PQaYAf,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,vVO7Se,MdUzUe,xQtZb,lPKSwe,JNoxi,MI6k7c,kjKdXe,ZEa7Hd,yDVVkb,hKSk3e,zbML3c,Uas9Hd,BVgquf,KG2eXe,VwDzFe,A7fCU,pjICDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ctycungunglaodong.business.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4037
date
Sun, 05 Dec 2021 13:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 05 Dec 2021 15:01:07 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1848840549&t=event&_s=1&dl=https%3A%2F%2Fctycungunglaodong.business.site%2Fposts%2F8238432009502505822&dr=&ul=en-us&de=UTF-8&dt=Cung%20%E1%BB%A9ng%20lao%20%C4%91%E1%BB%99ng%20%C4%90%E1%BB%93ng%20Nai%2C%20TpHCM%2C%20B%C3%ACnh%20D%C6%B0%C6%A1ng&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Posts%20Leaf&ea=Impression&_u=YEBAAAABAAAAAC~&jid=903933864&gjid=508176523&cid=1558711334.1638713304&tid=UA-77246179-1&_gid=876467.1638713304&_r=1&_slc=1&z=1951771397
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ctycungunglaodong.business.site/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Dec 2021 14:08:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ctycungunglaodong.business.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-77246179-1&cid=1558711334.1638713304&jid=903933864&gjid=508176523&_gid=876467.1638713304&_u=YEBAAAAAAAAAAC~&z=2025386149
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ctycungunglaodong.business.site/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 05 Dec 2021 14:08:24 GMT
content-type
text/plain
access-control-allow-origin
https://ctycungunglaodong.business.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EFQ7... 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aiszkMrxMhE.L.B1.O/am=DgIBAAEAAg/d=1/exm=A4UTCb,A7fCU,BVgquf,COQbmf,EFQ78c,EGNJFf,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OVw3Zb,OmgaI,PQaYAf,PrPYRd,RMhBfe,Ru0Pgb,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,ZEa7Hd,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,e5qFLc,fKUV3e,fgj8Rb,gychg,hKSk3e,hc6Ubd,iSvg6e,idXveb,kjKdXe,lPKSwe,lazG7b,lfpdyf,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,p8L0ob,pjICDe,uY3Nvd,vVO7Se,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c/excm=_b,_tp,localpostview/esmo=1/ed=1/wt=2/rs=AD4das0YREsftGajzm-8N8-ryXl-RAEa_Q/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;nAFL3:NTMZac;oGtAuc:sOXFj;NSEoX:lazG7b;yEQyxe:p8L0ob;iFQyKf:vfuNJf;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:O1Gjze;dIoSBb:SpsfSb;NPKaK:SdcwHb;LBgRLc:SdcwHb;zxnPse:GkRiKb;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;pXdRYb:MdUzUe;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/am=DgIBAAEAAg/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/esmo=1/rs=AD4das0FxJRTxrhQ-8R_Z5mTl0mEtFpabg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
761f0603b4b7c01d9e3e8bdf394197f8cade3307564f7b3fcc211da41dfc1a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ctycungunglaodong.business.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 14:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2911
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 01:28:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/geo-boq-js-css-signers"
expires
Mon, 05 Dec 2022 14:08:25 GMT
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
log
play.google.com/ 		131 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/am=DgIBAAEAAg/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/esmo=1/rs=AD4das0FxJRTxrhQ-8R_Z5mTl0mEtFpabg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ctycungunglaodong.business.site/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 05 Dec 2021 14:08:26 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://ctycungunglaodong.business.site
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sun, 05 Dec 2021 14:08:26 GMT
browserinfo
ctycungunglaodong.business.site/_/GeoMerchantPrestoSiteUi/ 		89 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ctycungunglaodong.business.site/_/GeoMerchantPrestoSiteUi/browserinfo?f.sid=-5520382320571017983&bl=boq_geomerchantprestoserver_20211201.10_p0&hl=vi&soc-app=698&soc-platform=1&soc-device=1&_reqid=50908&rt=j
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.dUyZEodQ66g.es5.O/am=DgIBAAEAAg/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/esmo=1/rs=AD4das0FxJRTxrhQ-8R_Z5mTl0mEtFpabg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
132d68a0b8f12b8d45560625a9eca44498ea73846cfeb131529b8c67d08ee14d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://ctycungunglaodong.business.site/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Dec 2021 14:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| WIZ_global_data number| cc_latency_start_time function| onaft function| _isLazyImage string| cc_aid number| iml_start number| css_size object| cc_latency function| ccTick function| onJsLoad function| onCssLoad function| _isVisible function| _recordImlEl number| prt function| wiz_tick string| _F_cssRowKey string| _F_combinedSignature function| _DumpException object| BOQ_wizbind object| AF_initDataKeys object| AF_dataServiceRequests object| AF_initDataChunkQueue function| AF_initDataCallback undefined| AF_initDataInitializeCallback object| aft_counter function| initAft object| IJ_values object| _wjdd object| default_GeoMerchantPrestoSiteUi boolean| BOQ_loadedInitialJS function| _F_installCss function| _B_err object| closure_lm_756132 function| wiz_progress function| _F_getIjData object| _mxNDff string| GoogleAnalyticsObject function| ga number| closure_uid_691858306 boolean| ly11Pc object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.ctycungunglaodong.business.site/ Name: _ga
Value: GA1.3.1558711334.1638713304
.ctycungunglaodong.business.site/ Name: _gid
Value: GA1.3.876467.1638713304
.ctycungunglaodong.business.site/ Name: _gat_UA772461791
Value: 1
ctycungunglaodong.business.site/ Name: OTZ
Value: 6273488_56_56__56_

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'report-sample' 'nonce-QZhwVfj6Gt7eq1/E6W8OyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'nonce-QZhwVfj6Gt7eq1/E6W8OyQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ctycungunglaodong.business.site
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
play.google.com
r2---sn-4g5ednde.googlevideo.com
stats.g.doubleclick.net
www.google-analytics.com
www.gstatic.com
2a00:1450:4001:17::7
2a00:1450:4001:801::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9c
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
132d68a0b8f12b8d45560625a9eca44498ea73846cfeb131529b8c67d08ee14d
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2ca57650e9d1881e382bd324039937317b18e44fd5fadab6d09018d426a2622a
2e7e497b5072fd3b9282efb51fc006abf812732e576f7ee8643829f02ff5077f
41eca038a89407c0b40c67b7140642ab8994df016e11179016278bd7ad76564c
46428d7122989c2de893d7182fd0b457ff8ef257346a84c50335f8173b5e0ea7
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
761f0603b4b7c01d9e3e8bdf394197f8cade3307564f7b3fcc211da41dfc1a5d
885e2be527e74dd8cbc26f3832b6b96618a7cd25ff7560d26fb8607bfec95dc7
8eeae6e14d695aeaf7e8e93cca9f0bcd2435a7608ada093e6c1ead50c05ab397
9ccef126179c5ac62c657d04886722895add6b72ff3ac3a999daac41df4e4d88
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c2236716c7aa644e995ed777c853f03cd203426b14814693ab3cafd86beb3513
c47a2613cd1ad301ae032efbd63658e3988ae43244a352b125ff553f99aa5970
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d23d251121a1965297171634be6f9409a9eb38d91f317879b75e7381b0e65a93
d6091cb2703ba8f60c59a9afb06a4986c4bf29ece1bf186e0ec494eceb75e5fe
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366