dangnhapfun88-3.com Open in urlscan Pro
188.114.96.3  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/17223476229/?random=1291879585&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&label=eXWVCKmohKIbEIXI5ZRA&capi=1&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&value=0&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_tu=CA&gcl_ctr=1~0&em=tv.1&fmt=3&ct_cookie_present=false&crd=CPLOsQIItN6xAgihuLECCLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgi0xrECCPvYsQII29yxAgjZ17ECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgju0LECCJfUsQIIyduxAgjF3LECSjBub3QtZXZlbnQtc291cmNlLCBub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIDCgED&cerd=CgEA&eitems=ChAIgNSSywYQhcKKobaSvehnEh0AGLMYykoMfZIYX7xlw_gnmzDG2m2wqaME8SqUmA&fsk=ChEIgNSSywYQjPz14Ka0vtm_ARIsACaNjXcs3m8f9ddr1BzyDjJO94c-XZb7CVCce9RWhhk7CMd-M4dAY8qx33caAoSE&pscrd=IhMI3Z_DgtKGkgMVa1n2CB21EhqTMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhxodHRwczovL2RhbmduaGFwZnVuODgtMy5jb20vQlZDaEFJZ05TU3l3WVF1dTY3emVuVXdadGNFaXdBR3FCLWJuS25NbXAzMWFGQXFtdnZELUZMMDMtUFZjeFdVVW5KUFpiWndvMDNDRzdXNVk5TzRyVkhsUXoMCAliCAgAEAAYACAA HTTP 302
• https://www.google.com/pagead/1p-conversion/17223476229/?random=1291879585&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&label=eXWVCKmohKIbEIXI5ZRA&capi=1&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&value=0&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_tu=CA&gcl_ctr=1~0&em=tv.1&fmt=3&ct_cookie_present=false&crd=CPLOsQIItN6xAgihuLECCLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgi0xrECCPvYsQII29yxAgjZ17ECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgju0LECCJfUsQIIyduxAgjF3LECSjBub3QtZXZlbnQtc291cmNlLCBub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIDCgED&cerd=CgEA&fsk=ChEIgNSSywYQjPz14Ka0vtm_ARIsACaNjXcs3m8f9ddr1BzyDjJO94c-XZb7CVCce9RWhhk7CMd-M4dAY8qx33caAoSE&pscrd=IhMI3Z_DgtKGkgMVa1n2CB21EhqTMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhxodHRwczovL2RhbmduaGFwZnVuODgtMy5jb20vQlZDaEFJZ05TU3l3WVF1dTY3emVuVXdadGNFaXdBR3FCLWJuS25NbXAzMWFGQXFtdnZELUZMMDMtUFZjeFdVVW5KUFpiWndvMDNDRzdXNVk5TzRyVkhsUXoMCAliCAgAEAAYACAA&is_vtc=1&cid=CAQSfwDCSxrRIJ_kQLSX3wTukS34-JomBloJDVchZXHmK7v55qXi5Jjy5ANuv98G59pKpyYEKV13tPm9l8y3JWzKIPkr1G9AUFYJ_vDsckZWaU3LgsDdtXO8IZFy1lC40NImP0niUQa8ndF7W8swhjRcvfNecPhIw5QUsanxgsTKlPg&eitems=ChAIgNSSywYQhcKKobaSvehnEh0AGLMYytCyaeerjEArl3av617iQFUD9jTrRiz8cg&random=2295053580 HTTP 302
• https://www.google.co.il/pagead/1p-conversion/17223476229/?random=1291879585&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&label=eXWVCKmohKIbEIXI5ZRA&capi=1&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&value=0&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_tu=CA&gcl_ctr=1~0&em=tv.1&fmt=3&ct_cookie_present=false&crd=CPLOsQIItN6xAgihuLECCLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgi0xrECCPvYsQII29yxAgjZ17ECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgju0LECCJfUsQIIyduxAgjF3LECSjBub3QtZXZlbnQtc291cmNlLCBub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIDCgED&cerd=CgEA&fsk=ChEIgNSSywYQjPz14Ka0vtm_ARIsACaNjXcs3m8f9ddr1BzyDjJO94c-XZb7CVCce9RWhhk7CMd-M4dAY8qx33caAoSE&is_vtc=1&cid=CAQSfwDCSxrRIJ_kQLSX3wTukS34-JomBloJDVchZXHmK7v55qXi5Jjy5ANuv98G59pKpyYEKV13tPm9l8y3JWzKIPkr1G9AUFYJ_vDsckZWaU3LgsDdtXO8IZFy1lC40NImP0niUQa8ndF7W8swhjRcvfNecPhIw5QUsanxgsTKlPg&eitems=ChAIgNSSywYQhcKKobaSvehnEh0AGLMYytCyaeerjEArl3av617iQFUD9jTrRiz8cg&random=2295053580&ipr=y&pscrd=IhMI3Z_DgtKGkgMVa1n2CB21EhqTMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhxodHRwczovL2RhbmduaGFwZnVuODgtMy5jb20vQlZDaEFJZ05TU3l3WVF1dTY3emVuVXdadGNFaXdBR3FCLWJuS25NbXAzMWFGQXFtdnZELUZMMDMtUFZjeFdVVW5KUFpiWndvMDNDRzdXNVk5TzRyVkhsUXoMCAliCAgAEAAYACAAggEFcAGIAQE

Request Chain 83

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A3D160F445914579826490741DF1AF5D&RedC=c.clarity.ms&MXFR=1E8F4F1F679F6963107059C0639F6762

85 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response dangnhapfun88-3.com/	610 KB 112 KB	1126ms 1035ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dangnhapfun88-3.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c52788dc7da75089047c4193478532c3430f8779d58f2cb4be822910356ac6f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 9bcebf76fd3c7d94-TLV content-encoding zstd content-type text/html; charset=UTF-8 date Mon, 12 Jan 2026 18:34:26 GMT nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} priority u=0,i report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jpB4rQNe1f6gixYjT2KqNfktWvVNMPIMwonTpvelVmML%2FkH2wy2A%2FTvwbIbwdY9tlLJXaCTyHFDHAMNoGEesv8Lhwq9ENEJimXTjgOjwRuSeUNc%3D"}]} server cloudflare server-timing cfCacheStatus;desc="DYNAMIC" cfEdge;dur=12,cfOrigin;dur=947 cfExtPri strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-turbo-charged-by LiteSpeed
GET H2	200	NHc9Wsw.jpeg i.imgur.com/	228 KB 228 KB	379ms 126ms	Image image/jpeg	199.232.196.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/NHc9Wsw.jpeg Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.196.193 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash a626d589d3e5693a85d773b40365574d0d3777b9382810cd6af496e0a61ab510 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers etag "778db6695549d057381bfb28b166dee8" age 1125941 access-control-allow-methods GET, OPTIONS x-content-type-options nosniff x-amz-storage-class STANDARD_IA x-cache Miss from cloudfront, HIT, HIT x-amz-cf-id ytrtDiKPUnheAMV7HmkdjwoenAkTYvqYMOvMSA_F-yPwBS03kw3aBw== date Mon, 12 Jan 2026 18:34:27 GMT content-type image/jpeg last-modified Fri, 15 Aug 2025 08:49:29 GMT x-cache-hits 9, 0 x-served-by cache-iad-kjyo7100098-IAD, cache-fra-eddf8230179-FRA strict-transport-security max-age=300 cache-control public, max-age=31536000 x-timer S1768242867.127163,VS0,VE3 accept-ranges bytes access-control-allow-origin * content-length 233205 x-amz-cf-pop PHL50-C1 server cat factory 1.0 x-amz-server-side-encryption AES256
GET H2	200	tagevents.js Show response d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v2/js/	28 KB 6 KB	414ms 137ms	Script application/javascript	18.245.45.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v2/js/tagevents.js?v=4.4.74 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.45.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-45-129.fra56.r.cloudfront.net Software nginx / Resource Hash e8d16cb1bdebf2c6bfc8b4843129b8cad95bad97cf9d0c2b45b6d892c5da60ca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"692416e4-70d2" age 2120786 x-content-type-options nosniff expires Mon, 14 Dec 2026 05:28:01 GMT x-cache Hit from cloudfront x-amz-cf-id LO5D5ttomU-PDkSvPSj9TYRLH8ka-1CDnlLx6c3ZFMzssQ-ziB1krQ== date Fri, 19 Dec 2025 05:28:01 GMT content-type application/javascript last-modified Mon, 24 Nov 2025 08:27:16 GMT vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 1b406976e43f339920dd4ca9beffceb8.cloudfront.net (CloudFront), 1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop FRA60-P11, FRA56-P9 server nginx
GET H2	200	velocity.min.js ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/js/	0 13 KB	400ms 126ms	Other application/javascript	54.192.35.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/js/velocity.min.js?v=1.54 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.35.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-35-34.fra56.r.cloudfront.net Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Sec-Purpose prefetch Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"64e9c4ad-8828" age 4516326 expires Mon, 16 Nov 2026 12:02:23 GMT x-cache Hit from cloudfront x-amz-cf-id 5aylZnR8hsXfrZLMbpE5V8O_pugcqfvrnNwKUyGFbSBIkQMfn33e-w== date Fri, 21 Nov 2025 12:02:23 GMT content-type application/javascript vary Accept-Encoding last-modified Sat, 26 Aug 2023 09:23:57 GMT x-frame-options SAMEORIGIN cache-control max-age=31104000 via 1.1 d32e6b607499bf1bc577abd1d3ae9984.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA56-P15 server nginx/1.18.0 (Ubuntu)
GET H2	200	track.min.js ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/	0 10 KB	474ms 201ms	Other application/javascript	54.192.35.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/track.min.js?v=1.54 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.35.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-35-34.fra56.r.cloudfront.net Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Sec-Purpose prefetch Referer https://dangnhapfun88-3.com/ Response headers x-frame-options SAMEORIGIN cache-control max-age=31104000 content-encoding gzip etag W/"6916c23f-b54a" via 1.1 d32e6b607499bf1bc577abd1d3ae9984.cloudfront.net (CloudFront) expires Thu, 07 Jan 2027 18:34:29 GMT access-control-allow-origin * x-cache Miss from cloudfront x-amz-cf-id 4JyvOoSiSI8zhUnMAkCe7XNYi0GS6nndoaw3fbRCSDzwOZ0m1YTwfw== date Mon, 12 Jan 2026 18:34:29 GMT content-type application/javascript last-modified Fri, 14 Nov 2025 05:46:39 GMT server nginx/1.18.0 (Ubuntu) x-amz-cf-pop FRA56-P15 vary Accept-Encoding
GET H2	200	productdetail.all_store.js www.ubuy.com.kh/ubuycom/assets/v5/custom_js/	0 3 KB	421ms 142ms	Other application/javascript	18.239.105.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.ubuy.com.kh/ubuycom/assets/v5/custom_js/productdetail.all_store.js?v=4.4.74 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.105.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-105-96.ams1.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Sec-Purpose prefetch Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"69538116-251c" age 34534 x-content-type-options nosniff expires Thu, 07 Jan 2027 08:58:55 GMT x-cache Hit from cloudfront x-amz-cf-id 6TkaTXQWn0NFS3IM-3k-NgYyUj76nlyYTnyzWxAU3c3N2LndB9HTJQ== date Mon, 12 Jan 2026 09:02:08 GMT content-type application/javascript vary accept-encoding last-modified Tue, 30 Dec 2025 07:36:54 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 8e8e0fdfe938f4dbcfa8bb4284454f5a.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop AMS1-P3 server nginx
GET H2	200	size-chart.js www.ubuy.com.kh/skin/frontend/default/ubuycom-v1/js/	0 1 KB	469ms 190ms	Other application/javascript	18.239.105.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.ubuy.com.kh/skin/frontend/default/ubuycom-v1/js/size-chart.js?v=4.4.74 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.105.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-105-96.ams1.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Sec-Purpose prefetch Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"60702708-a0d" age 22376 x-content-type-options nosniff expires Thu, 07 Jan 2027 12:21:33 GMT x-cache Hit from cloudfront x-amz-cf-id sQmRs2DJMWOcaRME-oYlRkj4AC4p3sCp1PqBXKT8eClBrque7NIUDA== date Mon, 12 Jan 2026 12:21:33 GMT content-type application/javascript vary Accept-Encoding last-modified Fri, 09 Apr 2021 10:06:00 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 8e8e0fdfe938f4dbcfa8bb4284454f5a.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop AMS1-P3 server nginx
GET H2	200	star-rating.min.js www.ubuy.com.kh/skin/frontend/default/ubuycom-v1/js/	0 5 KB	426ms 147ms	Other application/javascript	18.239.105.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.ubuy.com.kh/skin/frontend/default/ubuycom-v1/js/star-rating.min.js Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.105.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-105-96.ams1.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Sec-Purpose prefetch Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"605adee0-35df" age 22376 x-content-type-options nosniff expires Thu, 07 Jan 2027 12:21:33 GMT x-cache Hit from cloudfront x-amz-cf-id 3WH3N02HOm1pfBjpAWDSoR_H0Z-2iZNYEkEwIRC3OC1yP_L7-cuqpw== date Mon, 12 Jan 2026 12:21:33 GMT content-type application/javascript vary accept-encoding last-modified Wed, 24 Mar 2021 06:40:32 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 8e8e0fdfe938f4dbcfa8bb4284454f5a.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop AMS1-P3 server nginx
GET H2	200	explore-icon.svg d2ati23fc66y9j.cloudfront.net/ubuycom/assets/v5/images/	403 B 793 B	542ms 259ms	Image image/svg+xml	65.9.86.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2ati23fc66y9j.cloudfront.net/ubuycom/assets/v5/images/explore-icon.svg Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-112.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash f1ff3447b57c8efa9dd9060d763592539b5f45bbbd8457e4cb18ae8e634de720 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers vary Origin cache-control public, max-age=3888000 etag "0609d35bf588bc5f9a93363ae00e2e6d" age 2376821 via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 403 x-amz-cf-id mTAyR_-7AsHNK7gGGiGrQxj_qFyHOPo3B0pmuVLIvDd5-kjaBGLKOQ== date Tue, 16 Dec 2025 06:20:49 GMT content-type image/svg+xml last-modified Wed, 18 Jun 2025 08:56:26 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 x-amz-server-side-encryption AES256
GET H2	200	lu6zcTz.png i.imgur.com/	86 KB 87 KB	134ms 131ms	Image image/png	199.232.196.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/lu6zcTz.png Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.196.193 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 9fd5cb0ca23f26c7770c6f038c358e40577734f2be84e22ffc41b561fb9e0c17 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers etag "fe8aa296bef2a262172344685d23590a" age 2030922 access-control-allow-methods GET, OPTIONS x-content-type-options nosniff x-cache Miss from cloudfront, HIT, HIT x-amz-cf-id Q2natDMNWQYVdvdKUgJLYdA0Cbjr44O-HaFvf394VXjXcfrtCqc2lQ== date Mon, 12 Jan 2026 18:34:29 GMT content-type image/png last-modified Sat, 01 Nov 2025 11:58:43 GMT x-cache-hits 397, 0 x-served-by cache-iad-kiad7000128-IAD, cache-fra-eddf8230179-FRA strict-transport-security max-age=300 cache-control public, max-age=31536000 x-timer S1768242869.161474,VS0,VE10 accept-ranges bytes access-control-allow-origin * content-length 88310 x-amz-cf-pop IAD89-P1 server cat factory 1.0 x-amz-server-side-encryption AES256
GET H2	200	us-store.svg d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/images/countries-flag/	4 KB 4 KB	134ms 132ms	Image image/svg+xml	18.245.45.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/images/countries-flag/us-store.svg Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.45.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-45-129.fra56.r.cloudfront.net Software nginx / Resource Hash 0e4beba3497ffc66a454afe5cced6332afd1725082520b219e1c240215dfc2b5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cache-control max-age=315360000, public, no-transform content-encoding gzip etag W/"61fcbbe1-1127" age 4516695 via 1.1 173e1f9e40c2df572d404097afea2570.cloudfront.net (CloudFront), 1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT access-control-allow-origin * x-cache Hit from cloudfront x-amz-cf-id C7nv8oVe4LlmxE6Hs3TNJwDOCw_4FEasBWpLF8t1LMlhS_hWZmUYDw== date Fri, 21 Nov 2025 11:56:14 GMT content-type image/svg+xml x-amz-cf-pop FRA56-P15, FRA56-P9 server nginx last-modified Fri, 04 Feb 2022 05:38:41 GMT vary accept-encoding
GET H2	200	truck.svg d2ati23fc66y9j.cloudfront.net/ubuycom/shipping-service/	730 B 1 KB	552ms 270ms	Image image/svg+xml	65.9.86.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2ati23fc66y9j.cloudfront.net/ubuycom/shipping-service/truck.svg Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-112.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash fa2dd5a83cea562a74213357d3592c36a8eae26565806cdbc84040980a026522 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers vary Origin cache-control public, max-age=3888000 etag "8cd6a078b60f8d098d48414d11d97d95" age 2376822 via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 730 x-amz-cf-id dVqbiReLrqgMlgXC7O6CEKFfJh2m3aYFmKM5Yg42QF3mPaoxNiSC9g== date Tue, 16 Dec 2025 06:20:48 GMT content-type image/svg+xml last-modified Thu, 23 Nov 2023 08:24:48 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 x-amz-server-side-encryption AES256
GET H2	200	shipping-truck.svg d2ati23fc66y9j.cloudfront.net/ubuycom/shipping-service/	1 KB 997 B	553ms 270ms	Image image/svg+xml	65.9.86.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2ati23fc66y9j.cloudfront.net/ubuycom/shipping-service/shipping-truck.svg Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-112.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash cee39bc49d7828b89d4c0f50fd030612ba6e48ca882513f25fee228a3151e330 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers x-amz-cf-pop AMS1-C1 cache-control public, max-age=3888000 content-encoding br etag W/"fe401704fac2bb13fc285913f919c6bc" age 2376822 via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id MsTvQnKQ6XJgnCSYpfyTSzGN29u8vMFJu0oKhcyWbxHpJ8kyfpIs6w== date Tue, 16 Dec 2025 06:20:48 GMT content-type image/svg+xml vary accept-encoding, Origin server AmazonS3 last-modified Thu, 23 Nov 2023 08:32:12 GMT x-amz-server-side-encryption AES256
GET H3	200	bri.webp imgstore.io/images/2025/03/19/	956 B 1 KB	599ms 510ms	Image image/webp	104.21.59.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgstore.io/images/2025/03/19/bri.webp Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.246 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5a34afba96b60d63f8addeeb648a2e4a7799012edb37981df7b9c4f42625d3e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cache-control max-age=14400 cf-cache-status REVALIDATED etag "3bc-630ac981f8470" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oKQ8CHWH9hu2ZjTLLF%2BTGnMjJ6jWHNlrnGrRd1Or69j%2FlumWz4F2SgvoiPEXAfuQkGKXlH%2B1GX2iLqL%2FOW1tZjsHQXnwW5FvmsTy"}]} cf-ray 9bcebf8cae1bc231-TLV accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfExtPri content-length 956 date Mon, 12 Jan 2026 18:34:29 GMT last-modified Wed, 19 Mar 2025 07:01:44 GMT vary accept-encoding server cloudflare priority u=1,i
GET H3	200	mandiri.webp imgstore.io/images/2025/03/19/	762 B 1 KB	601ms 512ms	Image image/webp	104.21.59.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgstore.io/images/2025/03/19/mandiri.webp Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.246 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26b3edf853f3ee9735914c10355fc9795bdf084c33b03c46e110a10b9b193b48 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cache-control max-age=14400 cf-cache-status REVALIDATED etag "2fa-630ac98115b78" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qR1Iggky250SBIYuDdy6ISxMv2McbPmg9ArlX1kCPrw8vHT6uR7BjZn0mA5Z5V6wQiBQN%2B1B8nTi5jwE14rJoj5qIehmkGK%2FR%2FsC"}]} cf-ray 9bcebf8cae1dc231-TLV accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfExtPri content-length 762 date Mon, 12 Jan 2026 18:34:29 GMT last-modified Wed, 19 Mar 2025 07:01:44 GMT vary accept-encoding server cloudflare priority u=1,i
GET H3	200	SEABANK_858ae698-023c-46c3-8fd6-dfdf0ad1adb6_1721271982967.png imgstore.io/images/2025/03/28/	3 KB 4 KB	585ms 521ms	Image image/png	104.21.59.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgstore.io/images/2025/03/28/SEABANK_858ae698-023c-46c3-8fd6-dfdf0ad1adb6_1721271982967.png Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.246 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6c8af9965834da6760e078f5ead06ed5ecd8966060293181e3720e961f7f2d4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cf-cache-status REVALIDATED etag "cbe-6316109700f8d" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=B20raSQKs3jrVjIJTnsfXX2SC3effA19RhsMH9MBv%2F9EaBXKkiJP6Wil8FbiG3JuiUEUAHc9n7t60WfR5W4s3YUaUm0l9AiR8Bbn"}]} alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 12 Jan 2026 18:34:29 GMT last-modified Fri, 28 Mar 2025 06:18:20 GMT content-type image/png vary accept-encoding priority u=1,i nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cache-control max-age=14400 cf-ray 9bcebf8cae18c231-TLV accept-ranges bytes content-length 3262 server cloudflare
GET H3	200	bsi.webp imgstore.io/images/2025/03/19/	602 B 1 KB	578ms 514ms	Image image/webp	104.21.59.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgstore.io/images/2025/03/19/bsi.webp Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.246 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 431107ea7b978cd4e5b76068379b278009c8721a1cae50e6ed83153ab6e999ce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cache-control max-age=14400 cf-cache-status REVALIDATED etag "25a-630ac981bfa32" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=akILs6dHEjitBV49G8ffdwAD4L5adrs%2FLNQwubLmL8nb%2BdLMFfq5yz6YpAoDpfIuK3XlS%2Bn6Rh99iCQsXUJ1o89qiDbG5rMtDb%2F6"}]} cf-ray 9bcebf8cae1cc231-TLV accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfExtPri content-length 602 date Mon, 12 Jan 2026 18:34:29 GMT last-modified Wed, 19 Mar 2025 07:01:44 GMT vary accept-encoding server cloudflare priority u=1,i
GET H3	200	bni.webp imgstore.io/images/2025/03/19/	814 B 1 KB	591ms 527ms	Image image/webp	104.21.59.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgstore.io/images/2025/03/19/bni.webp Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.246 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 284a090eb5b87febd4168042300877be1d45308f29690480b474a3674cd37bbd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cache-control max-age=14400 cf-cache-status REVALIDATED etag "32e-630ac98230eae" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Cl9AxcenqR3BJPr6T4BgGn8wwdeAPfw%2BZDUkPgGDCc16qEJFYnIwk27FZFeaYuIinEMjX7pm%2B0N3u5vQ5BCx3yxd7L1GytDb2ZY7"}]} cf-ray 9bcebf8cae19c231-TLV accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfExtPri content-length 814 date Mon, 12 Jan 2026 18:34:29 GMT last-modified Wed, 19 Mar 2025 07:01:45 GMT vary accept-encoding server cloudflare priority u=1,i
GET H2	200	Visa.svg upload.wikimedia.org/wikipedia/commons/0/04/	3 KB 2 KB	397ms 128ms	Image image/svg+xml	185.15.59.240 WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/0/04/Visa.svg Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.15.59.240 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS upload-lb.esams.wikimedia.org Software ATS/9.2.11 / Resource Hash c2dff55d2837004f54b52e7428829fca1a6dd6819701d406bd615c884d69bdee Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers x-request-id 2f6be1de-e786-4a2f-9c20-59e5f16104e5 access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache content-encoding gzip x-analytics etag W/18a5965a2c319448864d872a3bcde983 age 74163 x-object-meta-sha1base36 3wf6ouh9yr8m5awd8yiz3p9t6q6xuim report-to { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } x-content-type-options nosniff server-timing cache;desc="hit-front", host;desc="cp3079" x-cache cp3079 hit, cp3079 hit/7747 date Sun, 11 Jan 2026 21:58:26 GMT content-type image/svg+xml last-modified Fri, 30 Jan 2015 13:42:37 GMT x-client-ip 31.187.78.188 x-cache-status hit-front strict-transport-security max-age=106384710; includeSubDomains; preload nel { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} timing-allow-origin * accept-ranges bytes access-control-allow-origin * content-length 1301 server ATS/9.2.11
GET H2	200	qris.png www.jakmall.com/images/desktop/footer/	3 KB 3 KB	424ms 124ms	Image image/png	13.226.244.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.jakmall.com/images/desktop/footer/qris.png?9 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.244.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-244-97.fra56.r.cloudfront.net Software nginx / Resource Hash 20b9ec6f931d57087453344534308cac76fb863e86c7f8e65747ad78946d2dfa Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cache-control max-age=315360000, no-cache="Set-Cookie" etag "6825479e-b39" age 20903841 via 1.1 18df62d606ad91f0ecd51963c7b7d50a.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 2873 x-amz-cf-id 2gpERT2bJPWZlwXpnPeTCD49KWaj7yyTRBKi-s_uHRbqvnKdeM8vxQ== date Thu, 15 May 2025 19:57:08 GMT content-type image/png last-modified Thu, 15 May 2025 01:47:10 GMT server nginx x-amz-cf-pop FRA56-P14
GET H2	200	klikbca.png www.jakmall.com/images/desktop/footer/	4 KB 5 KB	431ms 131ms	Image image/png	13.226.244.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.jakmall.com/images/desktop/footer/klikbca.png?9 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.244.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-244-97.fra56.r.cloudfront.net Software nginx / Resource Hash 10ae4dfedb1d339a6d08ec9559f9d57edbd9396fa7a91c094cf7374a004d0a1f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cache-control max-age=315360000, no-cache="Set-Cookie" etag "68b8f1d4-10ae" age 11238114 via 1.1 18df62d606ad91f0ecd51963c7b7d50a.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 4270 x-amz-cf-id 71Ei8TyybsmvgYkeA1mEd6QgWSZbaBQ-cwV6ysE9fwLfF-DSRCl46w== date Thu, 04 Sep 2025 16:52:35 GMT content-type image/png last-modified Thu, 04 Sep 2025 01:56:36 GMT server nginx x-amz-cf-pop FRA56-P14
GET H2	200	ovo.png www.jakmall.com/images/desktop/footer/	8 KB 8 KB	445ms 144ms	Image image/png	13.226.244.97 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.jakmall.com/images/desktop/footer/ovo.png?9 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.244.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-244-97.fra56.r.cloudfront.net Software nginx / Resource Hash 014d92c0a2f813410d6022c9b4d69afb30fbcc269391831b29d3bb273269f864 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cache-control max-age=315360000, no-cache="Set-Cookie" etag "68b8f1d4-1f04" age 11238114 via 1.1 18df62d606ad91f0ecd51963c7b7d50a.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 7940 x-amz-cf-id 090AuYw6WNk-wdrDpyArLxLOZyrOqmk0oeYw8sqa0DUdXJw1e6yOPg== date Thu, 04 Sep 2025 16:52:35 GMT content-type image/png last-modified Thu, 04 Sep 2025 01:56:36 GMT server nginx x-amz-cf-pop FRA56-P14
GET H3	200	panin.webp imgstore.io/images/2025/03/19/	712 B 1 KB	580ms 516ms	Image image/webp	104.21.59.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgstore.io/images/2025/03/19/panin.webp Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.59.246 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7daf8c3facf8428cd94b6a68f82af151938a9ae74d5930cfc4eeb89f6f30359 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cache-control max-age=14400 cf-cache-status MISS etag "2c8-630ac9ae3465f" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DXdfo41SDuLClho6QFo5evvVUSj7E3m0tGbwV%2BqfUkeaXUMzA%2Fwc1wIYt8A9t%2BjpkcwOYkl1slAXmeWys5SPvm3AmryRtX%2BRgd6z"}]} cf-ray 9bcebf8cae1ac231-TLV accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfExtPri content-length 712 date Mon, 12 Jan 2026 18:34:29 GMT last-modified Wed, 19 Mar 2025 07:02:31 GMT vary accept-encoding server cloudflare priority u=1,i
GET H2	200	payment_methods-175369014491.png d2ati23fc66y9j.cloudfront.net/ubuycom/homebanner/	2 KB 2 KB	520ms 263ms	Image image/png	65.9.86.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2ati23fc66y9j.cloudfront.net/ubuycom/homebanner/payment_methods-175369014491.png Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-112.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 41d5d03ceeb170744c16898a12efa43067d84d40dd76104a11e22e712134d715 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers etag "89ee412143ff5a518509bb908333d050" age 2376822 x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-id CTBgLi5KOcVxe4PlMEBoFkOsaUfW0ft_O5aUNL6lk_ARCtuNjtfVZg== date Tue, 16 Dec 2025 06:20:48 GMT content-type image/png vary Origin last-modified Mon, 28 Jul 2025 08:09:05 GMT cache-control public, max-age=3888000 via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) accept-ranges bytes content-length 1607 x-amz-cf-pop AMS1-C1 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	payment_methods-175368113152.png d2ati23fc66y9j.cloudfront.net/ubuycom/homebanner/	4 KB 5 KB	523ms 266ms	Image image/png	65.9.86.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2ati23fc66y9j.cloudfront.net/ubuycom/homebanner/payment_methods-175368113152.png Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-112.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash fa785d18889e3276385e6b987178c247d07bd699bc29da9cda2f6bf33628ad1e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers etag "28b2178b1557fde2a77f33f96bd2bc0a" age 2376822 x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-id 8TYiu4jtguoz0hzYWqk-iSiDtYKqjquQjAk0B96mB1qA76oJZ3b3Rg== date Tue, 16 Dec 2025 06:20:48 GMT content-type image/png vary Origin last-modified Mon, 28 Jul 2025 05:38:52 GMT cache-control public, max-age=3888000 via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) accept-ranges bytes content-length 4340 x-amz-cf-pop AMS1-C1 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	payment_methods-175368114244.png d2ati23fc66y9j.cloudfront.net/ubuycom/homebanner/	4 KB 4 KB	208ms 208ms	Image image/png	65.9.86.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2ati23fc66y9j.cloudfront.net/ubuycom/homebanner/payment_methods-175368114244.png Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-112.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash c37d9916c146dbd96933d70c9fbbea62d94838bf86b77d0b7548e5b6d6606508 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers etag "0c5a4522492d4b7a04f12064ba740e6c" age 2376822 x-amz-storage-class REDUCED_REDUNDANCY x-cache Hit from cloudfront x-amz-cf-id o6mP_u-nTeViM-ludF0ebZ5rBLylhgXdI1EEM595U9LS0tBAYJhtwQ== date Tue, 16 Dec 2025 06:20:48 GMT content-type image/png vary Origin last-modified Mon, 28 Jul 2025 05:39:03 GMT cache-control public, max-age=3888000 via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) accept-ranges bytes content-length 4034 x-amz-cf-pop AMS1-C1 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	loading.gif d2ati23fc66y9j.cloudfront.net/ubuycom-v1/images/	24 KB 25 KB	225ms 224ms	Image image/gif	65.9.86.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2ati23fc66y9j.cloudfront.net/ubuycom-v1/images/loading.gif Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-112.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash c0b0b7afc6a894b48b1ba3e8373639b5e715af1f597ce8e54e7180761c3ebacb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers vary Origin cache-control public, max-age=3888000 etag "561578ba8ab749a373ed5e96a608f3c4" age 2376822 via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 24981 x-amz-cf-id K3egtJndC8jtXjY27xlWOLkVeW6SF-8ytfmvKoQ3CJucnl0Z0Hmt6Q== date Tue, 16 Dec 2025 06:20:48 GMT content-type image/gif last-modified Mon, 15 Jan 2024 11:55:29 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 x-amz-server-side-encryption AES256
GET H2	200	script-menu-min.js Show response d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/	4 KB 2 KB	135ms 134ms	Script application/javascript	18.245.45.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/script-menu-min.js?v=4.4.74 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.45.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-45-129.fra56.r.cloudfront.net Software nginx / Resource Hash d38601dcfca426f1912d66190913458d06981089b77dc21eb17e184bb0cc27a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"6381dba8-119a" age 1380846 x-content-type-options nosniff expires Tue, 22 Dec 2026 19:00:23 GMT x-cache Hit from cloudfront x-amz-cf-id 0Pd10BVURoUazVUQ59Eh_edloqgzka0c4Q3QnDGKydtzd3DN_iEWoQ== date Sat, 27 Dec 2025 19:00:23 GMT content-type application/javascript last-modified Sat, 26 Nov 2022 09:26:00 GMT vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 2ce2e2dbbabc50ee771ee7128c823f30.cloudfront.net (CloudFront), 1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop FRA56-P15, FRA56-P9 server nginx
GET H2	200	homepage-sprite.webp d2ati23fc66y9j.cloudfront.net/sprite-img/	56 KB 56 KB	417ms 159ms	Image image/webp	65.9.86.112 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2ati23fc66y9j.cloudfront.net/sprite-img/homepage-sprite.webp Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-112.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 815f2414609c8e34dde4ae309a8ac458472cf6d0fe0f3a372792d48c0ad201d6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers vary Origin cache-control public, max-age=3888000 etag "b1fc2c670d7b4dc8c7d1972c061e7184" age 2376822 via 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 57266 x-amz-cf-id f1icahp0fGArJ4bdpq8hmh5HLm9-0CqV-OuM6mkxpe222JgN3H2s2w== date Tue, 16 Dec 2025 06:20:48 GMT content-type image/webp last-modified Wed, 23 Apr 2025 10:03:23 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 x-amz-server-side-encryption AES256
GET H2	200	fa-solid-900.woff2 d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/	110 KB 111 KB	561ms 305ms	Font font/woff2	108.138.2.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/fa-solid-900.woff2 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.230 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-230.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 2a84ae47aa8183257edf08360986803a809a2ea0c34c3c7229562c62c15c9ff2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers access-control-expose-headers * etag "18dd0b25bda3d372b262b08edeed525a" age 4860240 x-cache Hit from cloudfront x-amz-cf-id W30Q5rMuVVKq9D9BoSFne_zEYB23BVUVZ2vAOi6FnZXjBEApaWPX3A== date Mon, 12 Jan 2026 18:34:29 GMT content-type font/woff2 last-modified Fri, 25 Jul 2025 08:34:37 GMT cache-control public, max-age=3888000 via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 113108 x-amz-cf-pop FRA56-P6 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	poppins-semibold.woff2 d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/	51 KB 51 KB	637ms 381ms	Font font/woff2	108.138.2.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/poppins-semibold.woff2 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.230 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-230.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4bd0925efb7c7cf94942e1d74eb36e5c75e4cc84cfe9a0dfc950abc065f4ee92 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers access-control-expose-headers * etag "298bda2b1a275a5206f852b1326ef976" age 3676751 x-cache Hit from cloudfront x-amz-cf-id xXA2iA-4CI2ZzVUdo4M1wcVdsObf0tG971O7rzHYOU8gqx81cY2BKQ== date Fri, 09 Jan 2026 01:24:45 GMT content-type font/woff2 last-modified Thu, 27 Feb 2025 11:52:14 GMT cache-control public, max-age=3888000 via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 52184 x-amz-cf-pop FRA56-P6 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	poppins-medium.woff2 d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/	50 KB 51 KB	397ms 142ms	Font font/woff2	108.138.2.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/poppins-medium.woff2 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.230 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-230.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a7415a2d91793d8fc95e2109a53bac7c95d462b02b4114b64f7ad792148eabc3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers access-control-expose-headers * etag "294cf3e633c24313a4e78f799fd30d49" age 488420 x-cache Hit from cloudfront x-amz-cf-id g5qzRIZCqhL_Tp5TVocfpWnV8GmjPyGh43lGmkLXfHCoRDMOm6Yyig== date Fri, 09 Jan 2026 02:04:29 GMT content-type font/woff2 last-modified Thu, 27 Feb 2025 11:52:12 GMT cache-control public, max-age=3888000 via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 51560 x-amz-cf-pop FRA56-P6 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	poppins-extraBold.woff2 d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/	49 KB 50 KB	618ms 363ms	Font font/woff2	108.138.2.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/poppins-extraBold.woff2 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.230 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-230.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7c7fd857ca3716d26140f5d92d13cea81fbe9661c7d51caff16f0935e6ce3713 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers access-control-expose-headers * etag "b92666266bd48f47de66cbdae881b1d2" age 4860240 x-cache Hit from cloudfront x-amz-cf-id O-zw330rjNN6daB2BYHeVGWpnp4vJpHmP4o99OhvFObqh2qZSxeOng== date Mon, 17 Nov 2025 12:30:30 GMT content-type font/woff2 last-modified Thu, 27 Feb 2025 11:52:10 GMT cache-control public, max-age=3888000 via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 50492 x-amz-cf-pop FRA56-P6 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	poppins-bold.woff2 d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/	50 KB 51 KB	510ms 254ms	Font font/woff2	108.138.2.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/poppins-bold.woff2 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.230 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-230.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 56c67de04f49e052842e54a80af3a0499773be148cae5008ae141529324e2ac9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers access-control-expose-headers * etag "32b147b48af58b67e4c5fe1546765439" age 492893 x-cache Hit from cloudfront x-amz-cf-id XBG4H5fniomHfoo0Y89Lo7yC6GOROcprQracxHgkEO-HpmBJBYwJ5A== date Fri, 09 Jan 2026 01:33:23 GMT content-type font/woff2 last-modified Thu, 27 Feb 2025 11:52:10 GMT cache-control public, max-age=3888000 via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 51616 x-amz-cf-pop FRA56-P6 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	poppins-regular.woff2 d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/	51 KB 52 KB	678ms 423ms	Font font/woff2	108.138.2.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/poppins-regular.woff2 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.230 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-230.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4d4b447c3b4a45dcbc496bb678eda1409f8f76f74de9216b3c40f688cf16c261 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers access-control-expose-headers * etag "c9a238baa6cdfb5b15be66844f250158" age 4860240 x-cache Hit from cloudfront x-amz-cf-id 0DtfJchc1tX5XcfyHVyqqkHBWCnJMduJxqkxMcxnzJuEe2-PYc2Ehw== date Mon, 17 Nov 2025 12:30:30 GMT content-type font/woff2 last-modified Thu, 27 Feb 2025 11:52:12 GMT cache-control public, max-age=3888000 via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 52396 x-amz-cf-pop FRA56-P6 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	fa-brands-400.woff2 d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/	99 KB 99 KB	653ms 397ms	Font font/woff2	108.138.2.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24epxax9d77vm.cloudfront.net/ubuycom/assets/v5/fonts/poppins-webfont/fa-brands-400.woff2 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.2.230 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-2-230.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a288b58f2364e3b318277c20f4aa96889b875bf2595776ba3a0c1adc800c2d3c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers access-control-expose-headers * etag "ed1903192eade544e6c2205902b678e4" age 497658 x-cache Hit from cloudfront x-amz-cf-id BaPWfZZII7vYqrO9nhALSoDFlLZt5SnHXoQHOr-aA_eR_LtPWpKNlw== date Fri, 09 Jan 2026 01:07:13 GMT content-type font/woff2 last-modified Fri, 25 Jul 2025 09:51:34 GMT cache-control public, max-age=3888000 via 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 101088 x-amz-cf-pop FRA56-P6 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	lazy.min.js Show response d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/	3 KB 2 KB	130ms 130ms	Script application/javascript	18.245.45.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/lazy.min.js Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.45.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-45-129.fra56.r.cloudfront.net Software nginx / Resource Hash f7f1f00c13514a32e4338a1c3d416cdf1d45599341d5b11d257da413b2722d2c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"605adee1-dae" age 1904739 x-content-type-options nosniff expires Wed, 16 Dec 2026 17:28:50 GMT x-cache Hit from cloudfront x-amz-cf-id MMzQUSkT4wbTegIDY50woF8rR3OkPidBoXzNEjweCqOGjola33n_2Q== date Sun, 21 Dec 2025 17:28:50 GMT content-type application/javascript last-modified Wed, 24 Mar 2021 06:40:33 GMT vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 3555148cb98f4a6b38702fc0b65f2ace.cloudfront.net (CloudFront), 1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop FRA60-P14, FRA56-P9 server nginx
GET H2	200	script-menu-min.js Show response d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/	4 KB 2 KB	131ms 129ms	Script application/javascript	18.245.45.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/script-menu-min.js?v=4.4.74 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.45.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-45-129.fra56.r.cloudfront.net Software nginx / Resource Hash d38601dcfca426f1912d66190913458d06981089b77dc21eb17e184bb0cc27a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"6381dba8-119a" age 1380846 x-content-type-options nosniff expires Tue, 22 Dec 2026 19:00:23 GMT x-cache Hit from cloudfront x-amz-cf-id pMhg35e-_bw4bwao0aezbx9xW4DHHX7LsbA1NkYJLFTJ0HeGx1ceqg== date Sat, 27 Dec 2025 19:00:23 GMT content-type application/javascript last-modified Sat, 26 Nov 2022 09:26:00 GMT vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 2ce2e2dbbabc50ee771ee7128c823f30.cloudfront.net (CloudFront), 1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop FRA56-P15, FRA56-P9 server nginx
GET H2	200	custom.js Show response www.ubuy.com.kh/ubuycom/assets/v5/custom_js/	24 KB 7 KB	192ms 135ms	Script application/javascript	18.239.105.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.ubuy.com.kh/ubuycom/assets/v5/custom_js/custom.js?v=4.4.74 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.105.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-105-96.ams1.r.cloudfront.net Software nginx / Resource Hash 1066b7c93af61eceb140bcdd34758147b6a4c6f94498bb6a853dba11dbde6d16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"6641ceb7-609b" age 34558 x-content-type-options nosniff expires Thu, 07 Jan 2027 08:58:31 GMT x-cache Hit from cloudfront x-amz-cf-id L0g1XY0bFmdarvadV6QfsgjL0wGvnDTg1NifLhDUyUrY4eCcHxmeAA== date Mon, 12 Jan 2026 08:58:31 GMT content-type application/javascript vary accept-encoding last-modified Mon, 13 May 2024 08:26:31 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 8e8e0fdfe938f4dbcfa8bb4284454f5a.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop AMS1-P3 server nginx
GET H2	200	jquery.fancybox.min.js Show response d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/	67 KB 22 KB	137ms 136ms	Script application/javascript	18.245.45.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/jquery.fancybox.min.js Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.45.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-45-129.fra56.r.cloudfront.net Software nginx / Resource Hash cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"60868343-10a9d" age 2185989 x-content-type-options nosniff expires Sun, 13 Dec 2026 11:21:20 GMT x-cache Hit from cloudfront x-amz-cf-id t-SzFwyMB-uefu-oCs-QLH8gH-HWezu0R6mbEnp8KsMgbOQcuiZX4A== date Thu, 18 Dec 2025 11:21:20 GMT content-type application/javascript last-modified Mon, 26 Apr 2021 09:09:23 GMT vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 6636538a05247c80bd9b1634a2f35fb4.cloudfront.net (CloudFront), 1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop FRA60-P14, FRA56-P9 server nginx
GET H3	200	Chart.min.js Show response cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.4/	169 KB 46 KB	174ms 98ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.4/Chart.min.js Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5f8c900b-2a415" age 10899568 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGkKLgXd%2BF7ecPTSKRYPazVngsJihsgnLjuJ3hQLQOgwlzZiBmdWBQxrUv5LUmmNxvHClPexvXJQeZKYiO7I1fBcUIeuDfhspgRTaOPmu%2FRRQL95er6C0zikwKxV%2FgCK2CDPuAiq"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Sat, 02 Jan 2027 18:34:29 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 12 Jan 2026 18:34:29 GMT content-type application/javascript; charset=utf-8 last-modified Sun, 18 Oct 2020 18:57:15 GMT vary Accept-Encoding priority u=3,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 9bcebf8df9137da4-TLV accept-ranges bytes access-control-allow-origin * content-length 46235 server cloudflare
GET H2	200	hls.js@latest Show response cdn.jsdelivr.net/npm/	529 KB 160 KB	228ms 79ms	Script application/javascript	104.16.175.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/hls.js@latest Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.175.226 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 413a83e2bb0c77ed0bf0be105d539d17ef45dfd984a0b13ecd3b14a901383938 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers access-control-expose-headers * content-encoding br cf-cache-status HIT etag W/"844ae-XHEIsdDuVq9cn8TPGBJJmMABdjI" age 22674 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1I6gT9GUxeAem28TJJLJa3hb3KbcNOzdqxdrGBZao3iOb%2Fn4KwxtoKdwIMbKYPESU7SKbYGp20ZWpjd6E0TvqmKA2tKWw9uESZGavPV%2F5%2B%2F1tvbIX4TOW3B%2FGeSrBZ2m2k%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443"; ma=86400 x-cache HIT date Mon, 12 Jan 2026 18:34:29 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230186-FRA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 9bcebf8e6862c22c-TLV accept-ranges bytes access-control-allow-origin * content-length 162728 server cloudflare x-jsd-version 1.6.15
GET H2	200	track.min.css ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/css/	33 KB 7 KB	139ms 138ms	Stylesheet text/css	54.192.35.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/css/track.min.css?v=1.54 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.35.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-35-34.fra56.r.cloudfront.net Software nginx/1.18.0 (Ubuntu) / Resource Hash f20d735a0a40496ad26f7263af188670d8b468682124b05769a080670bb661f5 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"691176e7-8500" age 48961 expires Thu, 07 Jan 2027 04:58:28 GMT x-cache Hit from cloudfront x-amz-cf-id CIR67jUZ6Mz7uwh5HArSxu247hj1Jz_4LSG8cfE0PzmFz4nIeYuBdg== date Mon, 12 Jan 2026 04:58:28 GMT content-type text/css vary Accept-Encoding last-modified Mon, 10 Nov 2025 05:23:51 GMT x-frame-options SAMEORIGIN cache-control max-age=31104000 via 1.1 d32e6b607499bf1bc577abd1d3ae9984.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA56-P15 server nginx/1.18.0 (Ubuntu)
GET H2	200	vertical.css ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/css/	13 KB 3 KB	128ms 128ms	Stylesheet text/css	54.192.35.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/css/vertical.css?v=1.54 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.35.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-35-34.fra56.r.cloudfront.net Software nginx/1.18.0 (Ubuntu) / Resource Hash d23efa6b076866742d5cf6f8991610c5a3788d53d6ccaf6ca7f188c50af226db Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"64e9c4ad-34d7" age 33689 expires Thu, 07 Jan 2027 09:13:00 GMT x-cache Hit from cloudfront x-amz-cf-id MY_M5C5NR5d6qNjfwV1JJ6ACsjEMfQpsRYOLA1XRXE0Vc8bfdW6l0A== date Mon, 12 Jan 2026 09:13:00 GMT content-type text/css vary accept-encoding last-modified Sat, 26 Aug 2023 09:23:57 GMT x-frame-options SAMEORIGIN cache-control max-age=31104000 via 1.1 d32e6b607499bf1bc577abd1d3ae9984.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA56-P15 server nginx/1.18.0 (Ubuntu)
GET H2	200	track.min.js Show response ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/	45 KB 0	124ms 124ms	Script application/javascript	54.192.35.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/track.min.js?v=1.54 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.35.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-35-34.fra56.r.cloudfront.net Software nginx/1.18.0 (Ubuntu) / Resource Hash 35409d6e2d010bc3d3b79871a821dfe5032e9195575075f5e105c9dcd0464532 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers x-frame-options SAMEORIGIN cache-control max-age=31104000 content-encoding gzip etag W/"6916c23f-b54a" via 1.1 d32e6b607499bf1bc577abd1d3ae9984.cloudfront.net (CloudFront) expires Thu, 07 Jan 2027 18:34:29 GMT access-control-allow-origin * x-cache Miss from cloudfront x-amz-cf-id 4JyvOoSiSI8zhUnMAkCe7XNYi0GS6nndoaw3fbRCSDzwOZ0m1YTwfw== date Mon, 12 Jan 2026 18:34:29 GMT content-type application/javascript last-modified Fri, 14 Nov 2025 05:46:39 GMT server nginx/1.18.0 (Ubuntu) x-amz-cf-pop FRA56-P15 vary Accept-Encoding
GET H2	200	velocity.min.js Show response ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/js/	34 KB 0	51ms 51ms	Script application/javascript	54.192.35.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/js/velocity.min.js?v=1.54 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.35.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-35-34.fra56.r.cloudfront.net Software nginx/1.18.0 (Ubuntu) / Resource Hash 5ce92f10d0930e0b3dce3467b111db4228ec429e3944a01b6fcc2c311dd572c4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"64e9c4ad-8828" age 4516326 expires Mon, 16 Nov 2026 12:02:23 GMT x-cache Hit from cloudfront x-amz-cf-id 5aylZnR8hsXfrZLMbpE5V8O_pugcqfvrnNwKUyGFbSBIkQMfn33e-w== date Fri, 21 Nov 2025 12:02:23 GMT content-type application/javascript vary Accept-Encoding last-modified Sat, 26 Aug 2023 09:23:57 GMT x-frame-options SAMEORIGIN cache-control max-age=31104000 via 1.1 d32e6b607499bf1bc577abd1d3ae9984.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA56-P15 server nginx/1.18.0 (Ubuntu)
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/9.0.0/	59 KB 13 KB	391ms 130ms	Script text/javascript	142.251.140.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.0.0/firebase-app.js Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.140.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-bt-in-f3.1e100.net Software sffe / Resource Hash 5e9cdd32964e163a820836651c676894629b25cbfb7d07d0e8f03e9e0eba28b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip age 19746 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Tue, 12 Jan 2027 13:05:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 12 Jan 2026 13:05:23 GMT last-modified Wed, 25 Aug 2021 16:18:01 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 13090 x-xss-protection 0 server sffe
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/9.0.0/	98 KB 18 KB	450ms 190ms	Script text/javascript	142.251.140.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/9.0.0/firebase-messaging.js Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.140.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcfraa-bt-in-f3.1e100.net Software sffe / Resource Hash 032df504250456bb0daf6e720f10364d8cf4d4c6df1acae1c5a8a20f4c94ceb5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip age 556821 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Wed, 06 Jan 2027 07:54:08 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 06 Jan 2026 07:54:08 GMT last-modified Wed, 25 Aug 2021 16:17:58 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 18310 x-xss-protection 0 server sffe
GET H2	200	vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	230ms 90ms	Script text/javascript	104.16.79.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.79.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://dangnhapfun88-3.com/ Response headers cache-control public, max-age=86400 content-encoding gzip etag W/"2024.6.1" cross-origin-resource-policy cross-origin cf-ray 9bcebf8f292bc22c-TLV access-control-allow-origin * date Mon, 12 Jan 2026 18:34:29 GMT content-type text/javascript;charset=UTF-8 last-modified Thu, 06 Jun 2024 15:52:56 GMT vary Accept-Encoding server cloudflare
GET H2	200	lazy.min.js Show response d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/	3 KB 2 KB	130ms 130ms	Script application/javascript	18.245.45.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ulwu8fab47va.cloudfront.net/skin/frontend/default/ubuycom-v1/js/lazy.min.js Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.45.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-45-129.fra56.r.cloudfront.net Software nginx / Resource Hash f7f1f00c13514a32e4338a1c3d416cdf1d45599341d5b11d257da413b2722d2c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding gzip etag W/"605adee1-dae" age 1904739 x-content-type-options nosniff expires Wed, 16 Dec 2026 17:28:50 GMT x-cache Hit from cloudfront x-amz-cf-id VKkV7U_6OCFKsPtKO0G6f-P_JA5IwHFu1b8svpLdoxcx4Ll5QxZrnA== date Sun, 21 Dec 2025 17:28:50 GMT content-type application/javascript last-modified Wed, 24 Mar 2021 06:40:33 GMT vary Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31104000, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 referrer-policy strict-origin-when-cross-origin via 1.1 3555148cb98f4a6b38702fc0b65f2ace.cloudfront.net (CloudFront), 1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront) permissions-policy * x-xss-protection 1; mode=block x-amz-cf-pop FRA60-P14, FRA56-P9 server nginx
GET H2	200	css fonts.googleapis.com/	40 KB 3 KB	389ms 134ms	Stylesheet text/css	172.217.23.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,300,800italic,300italic,600,700,800 Requested by Host: ubuyanalytics.ubuy.com URL: https://ubuyanalytics.ubuy.com/ubuywebanalytics/webtrack/css/vertical.css?v=1.54 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 172.217.23.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f10.1e100.net Software ESF / Resource Hash d8dfad5994b62b323667251757f72177f595bc3bc16fb3a9d80feca3d9b3fbf4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ubuyanalytics.ubuy.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 12 Jan 2026 18:34:29 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 12 Jan 2026 18:34:29 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Mon, 12 Jan 2026 18:29:53 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	236ms 74ms	Script text/javascript	104.20.14.96 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.14.96 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status HIT etag "-375139978" age 46216 cf-ray 9bcebf9298d3c22f-TLV accept-ranges bytes content-length 4547 date Mon, 12 Jan 2026 18:34:30 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:44:16 GMT vary Accept-Encoding server cloudflare
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v44/	47 KB 47 KB	257ms 125ms	Font font/woff2	142.250.186.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,800italic,300italic,600,700,800 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f3.1e100.net Software sffe / Resource Hash d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://dangnhapfun88-3.com Referer https://fonts.googleapis.com/ Response headers age 480925 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 07 Jan 2027 04:59:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 07 Jan 2026 04:59:05 GMT last-modified Mon, 15 Sep 2025 16:30:41 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 48320 x-xss-protection 0 server sffe
GET H/1.1	200 OK	4926655.php Show response s4.histats.com/stats/	48 B 182 B	663ms 217ms	Script text/html	54.39.128.162 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/4926655.php?4926655&@f16&@g1&@h1&@i1&@j1768242870226&@k0&@l1&@mDEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&@n0&@o1000&@q0&@r0&@s2&@the-IL&@u1600&@b1:-197474916&@b3:1768242870&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fdangnhapfun88-3.com%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.39.128.162 Beauharnois, Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns562109.ip-54-39-128.net Software / Resource Hash ce85f4c20f38f36940f9c170f056cb8d56e189cd094c3565c6b9f80e5260f7a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers Content-Length 48 Date Mon, 12 Jan 2026 18:33:50 GMT Content-Type text/html;charset=UTF-8 Connection close
GET H2	200	cc_2.js Show response s10.histats.com/counters/	19 KB 9 KB	677ms 676ms	Script text/javascript	104.20.14.96 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/counters/cc_2.js Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.14.96 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5df1a258afd0bcec2485c7422a657121a4eb3fc240ba52535d66726785f645c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status MISS etag "-44229764" cf-ray 9bcebf974d48c22f-TLV accept-ranges bytes content-length 9007 date Mon, 12 Jan 2026 18:34:31 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:45:08 GMT vary Accept-Encoding server cloudflare
GET H2	200	gtm.js Show response www.googletagmanager.com/	842 KB 185 KB	456ms 194ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Requested by Host: dangnhapfun88-3.com URL: https://dangnhapfun88-3.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash d1f9db9776ddc9632b20dd11925b8d2d979e3d4919814675e954177800af221a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding zstd expires Mon, 12 Jan 2026 18:34:31 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 12 Jan 2026 18:34:31 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 12 Jan 2026 18:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin * content-length 189165 x-xss-protection 0 server Google Tag Manager
POST H3	404	rum Show response dangnhapfun88-3.com/cdn-cgi/	151 B 630 B	75ms 73ms	XHR text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dangnhapfun88-3.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 content-type application/json Referer https://dangnhapfun88-3.com/ Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YRvKbYkEKiILWYJyVrOC%2BFwtVOofeEXV%2Bkzh1YIFs6eclsDm3dTr%2BdziKSxa9gBcY9GpHzOCmrEDFHzI6GvhRVKuB%2FugTpPTfV5%2FfzUicI%2Fh7os%3D"}]} referrer-policy same-origin cf-ray 9bcebf9babbe7d94-TLV expires Thu, 01 Jan 1970 00:00:01 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Mon, 12 Jan 2026 18:34:31 GMT content-type text/html; charset=UTF-8 server cloudflare priority u=1,i x-frame-options SAMEORIGIN
GET H2	200	Hdorbo8.png i.imgur.com/	4 KB 4 KB	122ms 122ms	Other image/png	199.232.196.193 FASTLY
General Check archive.org Show headers Download Go to Full URL https://i.imgur.com/Hdorbo8.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.196.193 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash a5b10c3032420b8c2897522539d177cbf4bc53eff5d1f582e3d7f8d5de27461b Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers etag "013a26f3f9bb70b722d33938d211cfdd" age 1734266 access-control-allow-methods GET, OPTIONS x-content-type-options nosniff x-cache Miss from cloudfront, HIT, HIT x-amz-cf-id i7i8gNJ3c20Yg7qZaynT9UD6qPa6am_UYf1eDCZJ2QN4Q-iK2QTUEw== date Mon, 12 Jan 2026 18:34:31 GMT content-type image/png last-modified Sat, 01 Nov 2025 12:51:13 GMT x-cache-hits 181, 0 x-served-by cache-iad-kjyo7100093-IAD, cache-fra-eddf8230179-FRA strict-transport-security max-age=300 cache-control public, max-age=31536000 x-timer S1768242872.646384,VS0,VE1 accept-ranges bytes access-control-allow-origin * content-length 3913 x-amz-cf-pop IAD89-P1 server cat factory 1.0 x-amz-server-side-encryption AES256
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 26a51cc0c02d2e690eca1c135d230177811950b36d494e0a3b2aaef1f58c191e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	Hdorbo8.png i.imgur.com/	4 KB 0	0ms 0ms	Other image/png	199.232.196.193 FASTLY
General Check archive.org Show headers Download Go to Full URL https://i.imgur.com/Hdorbo8.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.196.193 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash a5b10c3032420b8c2897522539d177cbf4bc53eff5d1f582e3d7f8d5de27461b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers etag "013a26f3f9bb70b722d33938d211cfdd" age 1734266 access-control-allow-methods GET, OPTIONS x-content-type-options nosniff x-cache Miss from cloudfront, HIT, HIT x-amz-cf-id i7i8gNJ3c20Yg7qZaynT9UD6qPa6am_UYf1eDCZJ2QN4Q-iK2QTUEw== date Mon, 12 Jan 2026 18:34:31 GMT content-type image/png last-modified Sat, 01 Nov 2025 12:51:13 GMT x-cache-hits 181, 0 x-served-by cache-iad-kjyo7100093-IAD, cache-fra-eddf8230179-FRA cache-control public, max-age=31536000 x-timer S1768242872.646384,VS0,VE1 accept-ranges bytes access-control-allow-origin * content-length 3913 x-amz-cf-pop IAD89-P1 server cat factory 1.0 x-amz-server-side-encryption AES256
GET H2	200	bat.js Show response bat.bing.com/	53 KB 15 KB	373ms 141ms	Script application/javascript	150.171.28.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 567e72c15064f42d211a6a03b4675b66e237b2b159079dedf732421f13fdbf41 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding gzip etag "801a5640335edc1:0" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0D90F157D55B458C90E29EFE564A40AC Ref B: TLV30EDGE0109 Ref C: 2026-01-12T18:34:32Z accept-ranges bytes x-cache CONFIG_NOCACHE content-length 15132 date Mon, 12 Jan 2026 18:34:32 GMT content-type application/javascript last-modified Tue, 25 Nov 2025 17:45:13 GMT vary Accept-Encoding
POST H3	200	collect www.google.com/ccm/	0 0	266ms 133ms	Fetch text/plain	142.250.186.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?frm=0&en=page_view&dl=https%3A%2F%2Fdangnhapfun88-3.com%2F&scrsrc=www.googletagmanager.com&rnd=821776165.1768242872&dt=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&auid=1850796051.1768242872&navt=n&npa=0&gtm=45He6180v862212920za200zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938468~116514482~116682876~116988316&tft=1768242872347&tfd=6718&apve=1&apvf=f Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f4.1e100.net Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers
GET H/1.1	204 No Content	undefined Show response www.clarity.ms/tag/	0 171 B	380ms 119ms	Script text/plain	20.250.198.32 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/undefined?ref=gtm Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.250.198.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers Request-Context appId=cid-v1:24dd0b7c-7995-45d6-b3b6-925639dc2d30 Date Mon, 12 Jan 2026 18:34:32 GMT Server nginx Connection keep-alive
GET H2	200	destination Show response www.googletagmanager.com/gtag/	387 KB 134 KB	151ms 151ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-604785482&cx=c&gtm=4e6180 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash b2dcc1d9e859fa367f36f94628a05881cb04d590fa3ea31d1f5500570e13548b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding zstd report-to {"group":"ascgsrsghrgc:72:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0"}],} expires Mon, 12 Jan 2026 18:34:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 12 Jan 2026 18:34:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 12 Jan 2026 18:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascgsrsghrgc:72:0 content-length 136610 x-xss-protection 0 server Google Tag Manager
GET H2	200	destination Show response www.googletagmanager.com/gtag/	386 KB 134 KB	139ms 139ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-17223476229&cx=c&gtm=4e6180 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash c0f289ff5fcef0409a6ddc4de281e754e254d66fc5ac7758fbcfaae6ce1c273c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding zstd report-to {"group":"ascgsrsghrgc:72:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0"}],} expires Mon, 12 Jan 2026 18:34:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 12 Jan 2026 18:34:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 12 Jan 2026 18:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascgsrsghrgc:72:0 content-length 136544 x-xss-protection 0 server Google Tag Manager
GET H2	200	uwt.js Show response static.ads-twitter.com/	54 KB 16 KB	460ms 128ms	Script application/javascript	146.75.116.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 201aab1787f65dd70b7d47a88aef97a4775a0857afaefb908baf2a05eb1b0e38 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers vary Accept-Encoding,Host cache-control no-cache content-encoding gzip etag "69a7ed3b506e6df98df4f32a1f87bf09+gzip+gzip" accept-ranges bytes x-cache HIT, HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" content-length 15523 date Mon, 12 Jan 2026 18:34:32 GMT x-tw-cdn FT last-modified Sat, 22 Nov 2025 04:33:58 GMT content-type application/javascript; charset=utf-8 x-served-by cache-iad-kjyo7100106-IAD, cache-fra-eddf8230141-FRA x-amz-server-side-encryption AES256
GET H2	200	destination Show response www.googletagmanager.com/gtag/	381 KB 132 KB	152ms 151ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-866006020&cx=c&gtm=4e6180 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash 4509558d1ee90e6de3430fc22f575de67f52358c88a68e25a7f54160cc6f9cc2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding zstd report-to {"group":"ascgsrsghrgc:72:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0"}],} expires Mon, 12 Jan 2026 18:34:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 12 Jan 2026 18:34:32 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 12 Jan 2026 18:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascgsrsghrgc:72:0 content-length 135257 x-xss-protection 0 server Google Tag Manager
GET H2	200	sw_iframe.html Show response www.googletagmanager.com/static/service_worker/6150/ Frame D00B	3 KB 2 KB	395ms 139ms	Document text/html	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/6150/sw_iframe.html?origin=https%3A%2F%2Fdangnhapfun88-3.com Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFBPZ6R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software sffe / Resource Hash 2ada301d803d8f4b2ba210c9c57091378255ed54b96e4236a9e2ce587a2a4035 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1486 content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Mon, 12 Jan 2026 18:34:32 GMT expires Tue, 12 Jan 2027 18:34:32 GMT last-modified Mon, 05 Jan 2026 09:38:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/17223476229/	3 KB 1 KB	272ms 139ms	Fetch application/json	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/17223476229/?random=1768242872674&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&label=eXWVCKmohKIbEIXI5ZRA&capi=1&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&bttype=purchase&value=0&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_tu=CA&gcl_ctr=1~0&em=tv.1&fmt=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-17223476229&cx=c&gtm=4e6180 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash a4b9640ad82827f1bf09d9781407bda9bed60954e97849b8266162f5deb28fc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-encoding br x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Mon, 12 Jan 2026 18:34:32 GMT content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://dangnhapfun88-3.com content-length 1113 x-xss-protection 0 server cafe
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/604785482/	5 KB 2 KB	282ms 142ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604785482/?random=1768242872726&cv=11&fst=1768242872726&bg=ffffff&guid=ON&async=1&gtm=45be6180v9171887271z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_tu=CA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-604785482&cx=c&gtm=4e6180 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 644235c2680117c6f7f44c090eb4a4c573b609178f21241130b05f4937a06cd3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 2119 date Mon, 12 Jan 2026 18:34:32 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/866006020/	5 KB 2 KB	249ms 146ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/866006020/?random=1768242872763&cv=11&fst=1768242872763&bg=ffffff&guid=ON&async=1&gtm=45be6180v9236153979z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528500~104573694~104684208~104684211~105391253~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_tu=CA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-866006020&cx=c&gtm=4e6180 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 732bdf9f69c6fa0e71273e58eeddfb8ce1ef9c5babfd17f8ef5300d407a44790 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * content-encoding br pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 2121 date Mon, 12 Jan 2026 18:34:32 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	199015794.js Show response bat.bing.com/p/action/	4 KB 2 KB	144ms 143ms	Script application/javascript	150.171.28.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/199015794.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e5e4b2e2f240c00e38e1cd338347d0e8d539eeff46a1685a90ebbd3ed687356d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=60 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 493925374A6B44AB9D97C4C0DEED81BF Ref B: TLV30EDGE0109 Ref C: 2026-01-12T18:34:32Z x-cache CONFIG_NOCACHE date Mon, 12 Jan 2026 18:34:32 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	adsct t.co/i/	43 B 658 B	473ms 321ms	Image image/gif	162.159.140.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=5&dv=Asia%2FJerusalem%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=2&event_id=4689d8d4-7aa6-4b9c-ab14-4480f6547309&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a33b8f77-56ae-4e82-b46d-66f9d80e3dc2&pt=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&tw_document_href=https%3A%2F%2Fdangnhapfun88-3.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=qlcae&type=javascript&version=2.3.35 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare envoy / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers strict-transport-security max-age=631138519; includeSubdomains x-transaction-id 0cd0044795bb0f5d cache-control no-cache, no-store, max-age=0 origin-cf-ray 9bcebfa51f65c222-TLV cf-cache-status DYNAMIC cf-ray 9bcebfa51f65c222-TLV x-response-time 86 content-length 43 date Mon, 12 Jan 2026 18:34:33 GMT content-type image/gif;charset=utf-8 perf 7402827104 server cloudflare envoy x-served-by t4_a
GET H2	200	adsct analytics.twitter.com/i/	43 B 672 B	418ms 240ms	Image image/gif	162.159.140.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=5&dv=Asia%2FJerusalem%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=2&event_id=4689d8d4-7aa6-4b9c-ab14-4480f6547309&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a33b8f77-56ae-4e82-b46d-66f9d80e3dc2&pt=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&tw_document_href=https%3A%2F%2Fdangnhapfun88-3.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=qlcae&type=javascript&version=2.3.35 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare envoy / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers strict-transport-security max-age=631138519; includeSubdomains x-transaction-id 33520a0bd858d826 cache-control no-cache, no-store, max-age=0 origin-cf-ray 9bcebfa54c487d9b-ATL cf-cache-status DYNAMIC cf-ray 9bcebfa54c487d9b-TLV x-response-time 8 content-length 43 date Mon, 12 Jan 2026 18:34:33 GMT content-type image/gif;charset=utf-8 perf 7402827104 server cloudflare envoy x-served-by t4_a
GET H2	200	adsct t.co/1/i/	43 B 465 B	485ms 334ms	Image image/gif	162.159.140.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/1/i/adsct?bci=5&dv=Asia%2FJerusalem%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=bd069018-0bcc-48f6-b8af-051ebcdda2e2&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a33b8f77-56ae-4e82-b46d-66f9d80e3dc2&pt=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&tw_document_href=https%3A%2F%2Fdangnhapfun88-3.com%2F&tw_iframe_status=0&txn_id=qlcae&type=javascript&version=2.3.35 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare envoy / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers strict-transport-security max-age=631138519; includeSubdomains x-transaction-id bb2d771812660fb6 cache-control no-cache, no-store, max-age=0 origin-cf-ray 9bcebfa51f66c222-TLV cf-cache-status DYNAMIC cf-ray 9bcebfa51f66c222-TLV x-response-time 86 content-length 43 date Mon, 12 Jan 2026 18:34:33 GMT content-type image/gif;charset=utf-8 perf 7402827104 server cloudflare envoy x-served-by t4_a
GET H2	200	adsct analytics.twitter.com/1/i/	43 B 812 B	420ms 242ms	Image image/gif	162.159.140.229 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/1/i/adsct?bci=5&dv=Asia%2FJerusalem%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=bd069018-0bcc-48f6-b8af-051ebcdda2e2&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a33b8f77-56ae-4e82-b46d-66f9d80e3dc2&pt=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&tw_document_href=https%3A%2F%2Fdangnhapfun88-3.com%2F&tw_iframe_status=0&txn_id=qlcae&type=javascript&version=2.3.35 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare envoy / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers strict-transport-security max-age=631138519; includeSubdomains x-transaction-id 5ec87b21c5192b87 cache-control no-cache, no-store, max-age=0 origin-cf-ray 9bcebfa54c4b7d9b-ATL cf-cache-status DYNAMIC cf-ray 9bcebfa54c4b7d9b-TLV x-response-time 6 content-length 43 date Mon, 12 Jan 2026 18:34:33 GMT content-type image/gif;charset=utf-8 perf 7402827104 server cloudflare envoy x-served-by t4_a
GET H/1.1	200 OK	199015794 Show response www.clarity.ms/tag/uet/	947 B 1 KB	122ms 121ms	Script application/x-javascript	20.250.198.32 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/199015794?conversions=1 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/199015794.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.250.198.32 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 6f6d444f266b0bbc1380a0f12f698f7abfb4d670a58e836699c515a9030d4e5d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers Cache-Control no-cache, no-store Connection keep-alive Request-Context appId=cid-v1:24dd0b7c-7995-45d6-b3b6-925639dc2d30 Expires -1 Content-Length 947 Date Mon, 12 Jan 2026 18:34:33 GMT Content-Type application/x-javascript Server nginx
GET H2	204	0 bat.bing.com/action/	0 287 B	142ms 142ms	Image text/plain	150.171.28.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=199015794&tm=gtm002&Ver=2&mid=d12e1cff-91af-402e-838d-8e8059358c92&bo=1&sid=56b31980efe511f09dfd4b6e96045664&vid=56b328f0efe511f0ad050bc7dd4d599d&vids=1&msclkid=N&pi=918639831&lg=he-IL&sw=1600&sh=1200&sc=24&tl=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&kw=Dewidewitoto,%20Dewidewitoto%20macau,%20Dewidewitoto%20asia,%20Dewidewitoto%20alternatif,%20Dewidewitoto%20link%20resmi&p=https%3A%2F%2Fdangnhapfun88-3.com%2F&r=&lt=5960&evt=pageLoad&sv=2&cdb=AQAQ&rn=512779 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E2609413DBF74238A1941BDCE1F51D03 Ref B: TLV30EDGE0109 Ref C: 2026-01-12T18:34:32Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Mon, 12 Jan 2026 18:34:32 GMT
GET H2	200	/ www.google.co.il/pagead/1p-conversion/17223476229/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/17223476229/?random=1291879585&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za2... https://www.google.com/pagead/1p-conversion/17223476229/?random=1291879585&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za20gzb862212920zd862212... https://www.google.co.il/pagead/1p-conversion/17223476229/?random=1291879585&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za20gzb862212920zd8622...	42 B 108 B	141ms 141ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.il/pagead/1p-conversion/17223476229/?random=1291879585&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&label=eXWVCKmohKIbEIXI5ZRA&capi=1&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&value=0&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_tu=CA&gcl_ctr=1~0&em=tv.1&fmt=3&ct_cookie_present=false&crd=CPLOsQIItN6xAgihuLECCLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgi0xrECCPvYsQII29yxAgjZ17ECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgju0LECCJfUsQIIyduxAgjF3LECSjBub3QtZXZlbnQtc291cmNlLCBub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIDCgED&cerd=CgEA&fsk=ChEIgNSSywYQjPz14Ka0vtm_ARIsACaNjXcs3m8f9ddr1BzyDjJO94c-XZb7CVCce9RWhhk7CMd-M4dAY8qx33caAoSE&is_vtc=1&cid=CAQSfwDCSxrRIJ_kQLSX3wTukS34-JomBloJDVchZXHmK7v55qXi5Jjy5ANuv98G59pKpyYEKV13tPm9l8y3JWzKIPkr1G9AUFYJ_vDsckZWaU3LgsDdtXO8IZFy1lC40NImP0niUQa8ndF7W8swhjRcvfNecPhIw5QUsanxgsTKlPg&eitems=ChAIgNSSywYQhcKKobaSvehnEh0AGLMYytCyaeerjEArl3av617iQFUD9jTrRiz8cg&random=2295053580&ipr=y&pscrd=IhMI3Z_DgtKGkgMVa1n2CB21EhqTMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhxodHRwczovL2RhbmduaGFwZnVuODgtMy5jb20vQlZDaEFJZ05TU3l3WVF1dTY3emVuVXdadGNFaXdBR3FCLWJuS25NbXAzMWFGQXFtdnZELUZMMDMtUFZjeFdVVW5KUFpiWndvMDNDRzdXNVk5TzRyVkhsUXoMCAliCAgAEAAYACAAggEFcAGIAQE Protocol H2 Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 12 Jan 2026 18:34:33 GMT x-xss-protection 0 content-type image/gif server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * location https://www.google.co.il/pagead/1p-conversion/17223476229/?random=1291879585&cv=11&fst=1768242872674&bg=ffffff&guid=ON&async=1&en=conversion&gtm=45be6180v9239506606z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&label=eXWVCKmohKIbEIXI5ZRA&capi=1&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&value=0&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&_tu=CA&gcl_ctr=1~0&em=tv.1&fmt=3&ct_cookie_present=false&crd=CPLOsQIItN6xAgihuLECCLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgi0xrECCPvYsQII29yxAgjZ17ECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgju0LECCJfUsQIIyduxAgjF3LECSjBub3QtZXZlbnQtc291cmNlLCBub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIDCgED&cerd=CgEA&fsk=ChEIgNSSywYQjPz14Ka0vtm_ARIsACaNjXcs3m8f9ddr1BzyDjJO94c-XZb7CVCce9RWhhk7CMd-M4dAY8qx33caAoSE&is_vtc=1&cid=CAQSfwDCSxrRIJ_kQLSX3wTukS34-JomBloJDVchZXHmK7v55qXi5Jjy5ANuv98G59pKpyYEKV13tPm9l8y3JWzKIPkr1G9AUFYJ_vDsckZWaU3LgsDdtXO8IZFy1lC40NImP0niUQa8ndF7W8swhjRcvfNecPhIw5QUsanxgsTKlPg&eitems=ChAIgNSSywYQhcKKobaSvehnEh0AGLMYytCyaeerjEArl3av617iQFUD9jTrRiz8cg&random=2295053580&ipr=y&pscrd=IhMI3Z_DgtKGkgMVa1n2CB21EhqTMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhxodHRwczovL2RhbmduaGFwZnVuODgtMy5jb20vQlZDaEFJZ05TU3l3WVF1dTY3emVuVXdadGNFaXdBR3FCLWJuS25NbXAzMWFGQXFtdnZELUZMMDMtUFZjeFdVVW5KUFpiWndvMDNDRzdXNVk5TzRyVkhsUXoMCAliCAgAEAAYACAAggEFcAGIAQE pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 12 Jan 2026 18:34:33 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.com/pagead/1p-user-list/604785482/	42 B 64 B	139ms 138ms	Image image/gif	142.250.186.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/604785482/?random=1768242872726&cv=11&fst=1768240800000&bg=ffffff&guid=ON&async=1&gtm=45be6180v9171887271z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_tu=CA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSfwDnonV5Nz1QDHek5d498V9E90nPIS5TFVUQWUpxgAwoW8Emww-lDADn5yibnai027hgjy34A2k1jnJSEPLJY3Mcw-Z_gP1SccHQxhe-Z3__G4n8drbAjWf5svaFUKQOBOdbVY7gVXkZXPeJksUVN3WTnMz9fo0S3Gkti_3g4BI&random=549289200&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 12 Jan 2026 18:34:33 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	/ www.google.co.il/pagead/1p-user-list/604785482/	42 B 455 B	400ms 136ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.il/pagead/1p-user-list/604785482/?random=1768242872726&cv=11&fst=1768240800000&bg=ffffff&guid=ON&async=1&gtm=45be6180v9171887271z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528501~104684208~104684211~105391252~115616986~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_tu=CA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSfwDnonV5Nz1QDHek5d498V9E90nPIS5TFVUQWUpxgAwoW8Emww-lDADn5yibnai027hgjy34A2k1jnJSEPLJY3Mcw-Z_gP1SccHQxhe-Z3__G4n8drbAjWf5svaFUKQOBOdbVY7gVXkZXPeJksUVN3WTnMz9fo0S3Gkti_3g4BI&random=549289200&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 12 Jan 2026 18:34:33 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	/ www.google.com/pagead/1p-user-list/866006020/	42 B 64 B	138ms 137ms	Image image/gif	142.250.186.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/866006020/?random=1768242872763&cv=11&fst=1768240800000&bg=ffffff&guid=ON&async=1&gtm=45be6180v9236153979z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528500~104573694~104684208~104684211~105391253~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_tu=CA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSfwDCSxrRHeivEZgkCIUASqlmnh7jjRpDubEooepnYzL14g2-vPDh_Mm5MN4IyF20xEyvDP_QwLCnNaDRw29Hua0gnVcQ87r02ZJlx74y_IB3BRz23ooV-upHMN6VzamNyalM3ZZewR1NBOmc3WAXqm5ycVyLVs7-k05oipohSqk&random=1239612855&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 12 Jan 2026 18:34:33 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	/ www.google.co.il/pagead/1p-user-list/866006020/	42 B 108 B	398ms 138ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.il/pagead/1p-user-list/866006020/?random=1768242872763&cv=11&fst=1768240800000&bg=ffffff&guid=ON&async=1&gtm=45be6180v9236153979z8862212920za20gzb862212920zd862212920xea&gcd=13l3l3l3l1l1&dma=0&tag_exp=103116026~103200004~104527906~104528500~104573694~104684208~104684211~105391253~115938465~115938469~116514482~116682876&u_w=1600&u_h=1200&url=https%3A%2F%2Fdangnhapfun88-3.com%2F&frm=0&tiba=DEWIDEWITOTO%20promo%20bonus%20cashback%20mingguan%20untuk%20semua%20member&hn=www.googleadservices.com&npa=0&pscdl=noapi&auid=1850796051.1768242872&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_tu=CA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSfwDCSxrRHeivEZgkCIUASqlmnh7jjRpDubEooepnYzL14g2-vPDh_Mm5MN4IyF20xEyvDP_QwLCnNaDRw29Hua0gnVcQ87r02ZJlx74y_IB3BRz23ooV-upHMN6VzamNyalM3ZZewR1NBOmc3WAXqm5ycVyLVs7-k05oipohSqk&random=1239612855&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers content-security-policy script-src 'none'; object-src 'none' cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Mon, 12 Jan 2026 18:34:33 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	clarity.js Show response scripts.clarity.ms/0.8.47/	78 KB 26 KB	343ms 98ms	Script application/javascript	13.107.246.45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://scripts.clarity.ms/0.8.47/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/199015794?conversions=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash dce02c2e002125b56c8ae2ecbc21dd995d7dc391d85f3e6d2adb5c0355b86242 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://dangnhapfun88-3.com/ Response headers x-azure-ref 20260112T183433Z-r1b9cb48996jjcsghC1TLV4hfg0000000pb00000000063s9 x-ms-version 2018-03-28 content-encoding br etag W/"0x8DE5138DC2504C3" x-fd-int-roxy-purgeid 0 x-ms-request-id 98b03199-401e-0078-22b1-838d23000000 access-control-allow-origin * x-cache TCP_HIT date Mon, 12 Jan 2026 18:34:33 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding last-modified Sun, 11 Jan 2026 17:42:58 GMT
GET		c.gif c.bing.com/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A3D160F445914579826490741DF1AF5D&RedC=c.clarity.ms&MXFR=1E8F4F1F679F6963107059C0639F6762	0 0
POST H/1.1	204 No Content	collect Show response y.clarity.ms/	0 283 B	992ms 447ms	XHR text/plain	172.171.87.38
General Check archive.org Show headers Download Go to Full URL https://y.clarity.ms/collect Requested by Host: scripts.clarity.ms URL: https://scripts.clarity.ms/0.8.47/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.171.87.38 -, , ASN (), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Accept application/x-clarity-gzip Referer https://dangnhapfun88-3.com/ Response headers Request-Context appId=cid-v1:9be176e0-8728-424b-869d-39f1780884cb Access-Control-Allow-Origin https://dangnhapfun88-3.com Date Mon, 12 Jan 2026 18:34:34 GMT Vary Origin Server nginx Connection keep-alive Access-Control-Allow-Credentials true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

c.bing.com

URL

https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A3D160F445914579826490741DF1AF5D&RedC=c.clarity.ms&MXFR=1E8F4F1F679F6963107059C0639F6762