muaban.net Open in urlscan Pro
2606:4700:10::ac43:f4e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id6243...
Submission: On April 27 via manual (April 27th 2021, 6:05:44 pm UTC) from VN

Summary HTTP 103 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 18 domains to perform 103 HTTP transactions. The main IP is 2606:4700:10::ac43:f4e, located in United States and belongs to CLOUDFLARENET, US. The main domain is muaban.net.
TLS certificate: Issued by Entrust Certification Authority - L1M on June 27th 2019. Valid for: 2 years.

This is the only time muaban.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:10:... 2606:4700:10::ac43:f4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:1382	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	49.213.114.132 49.213.114.132	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:a772	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	120.138.69.5 120.138.69.5	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
2	120.138.69.12 120.138.69.12	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
1	49.213.114.149 49.213.114.149	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
103	37

16 2606:4700:10::ac43:f4e (United States)

ASN13335 (CLOUDFLARENET, US)

muaban.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1382 (United States)

ASN13335 (CLOUDFLARENET, US)

cloud.muaban.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.213.114.132 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

sp.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:a772 (United States)

ASN13335 (CLOUDFLARENET, US)

muaban.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.138.69.5 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
PTR: ptr.vng.vn

stc.za.zaloapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 120.138.69.12 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
PTR: ptr.vng.vn

stc.sp.zdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.213.114.149 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)

za.zalo.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	280 KB
18	muaban.net muaban.net cloud.muaban.net	137 KB
15	doubleclick.net 1 redirects googleads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net	66 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	102 KB
6	google-analytics.com www.google-analytics.com	55 KB
6	google.com 1 redirects adservice.google.com www.google.com	573 B
5	google.de adservice.google.de www.google.de	550 B
4	facebook.net connect.facebook.net	162 KB
3	zalo.me sp.zalo.me za.zalo.me	31 KB
3	googletagservices.com www.googletagservices.com	98 KB
2	zdn.vn stc.sp.zdn.vn	4 KB
2	facebook.com www.facebook.com	273 B
2	useinsider.com muaban.api.useinsider.com	86 KB
2	googleadservices.com partner.googleadservices.com www.googleadservices.com	15 KB
1	zaloapp.com stc.za.zaloapp.com	14 KB
1	googletagmanager.com www.googletagmanager.com	43 KB
1	googleapis.com fonts.googleapis.com	578 B
1	onesignal.com cdn.onesignal.com	3 KB
103	18

	Domain	Requested by
16	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com muaban.net googleads.g.doubleclick.net
16	muaban.net	muaban.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com muaban.net googleads.g.doubleclick.net www.googleadservices.com
9	pagead2.googlesyndication.com	muaban.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	1 redirects
4	www.google.de
4	connect.facebook.net	muaban.net connect.facebook.net
3	stats.g.doubleclick.net	www.google-analytics.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	stc.sp.zdn.vn	sp.zalo.me
2	www.facebook.com	connect.facebook.net
2	muaban.api.useinsider.com	www.googletagmanager.com muaban.api.useinsider.com
2	sp.zalo.me	muaban.net sp.zalo.me
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	cloud.muaban.net	muaban.net
1	za.zalo.me	stc.za.zaloapp.com
1	stc.za.zaloapp.com	sp.zalo.me
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	muaban.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.onesignal.com	muaban.net
103	27

This site contains links to these domains. Also see Links.

Domain
id.muaban.net
congty.muaban.net
epaper.muaban.net
blog.muaban.net
mogi.vn
apps.apple.com
play.google.com
www.facebook.com
youtube.com
zalo.me
online.gov.vn

Subject Issuer	Validity	Valid
muaban.net Entrust Certification Authority - L1M	`2019-06-27` - `2021-06-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.zalo.me DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-07-24`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2021-03-08` - `2022-03-07`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.zaloapp.com DigiCert SHA2 Secure Server CA	`2019-12-10` - `2022-01-19`	2 years	crt.sh
*.zdn.vn DigiCert SHA2 Secure Server CA	`2019-07-04` - `2021-09-01`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Frame ID: DA2EC09283720C1CB59FA782920DC889
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Frame ID: 825F2DAAF29CE2E81A69008A4FB38332
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=90&slotname=8303536901&adk=3952930891&adf=4256982266&pi=t.ma~as.8303536901&w=672&lmt=1619546716&rafmt=12&psa=0&format=672x90&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716908&bpp=8&bdt=1703&idt=61&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6184824241837&frm=20&pv=2&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=304&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Wcm2JFfNO&p=https%3A//muaban.net&dtd=76
Frame ID: B0FCEC2C09BF55DCADBD8F50E3BADD7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=600&slotname=1188707486&adk=3232104161&adf=3072462398&pi=t.ma~as.1188707486&w=300&fwrn=4&fwrnh=100&lmt=1619546716&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716917&bpp=3&bdt=1712&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iwTgNS9y08&p=https%3A//muaban.net&dtd=79
Frame ID: 1798CF3CC6451238A31116301AF1682F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=250&slotname=2827848940&adk=3525220402&adf=181143286&pi=t.ma~as.2827848940&w=0&lmt=1619546717&rafmt=12&psa=0&format=0x250&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716920&bpp=1&bdt=1715&idt=81&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90%2C300x600&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfiLFNXDOP&p=https%3A//muaban.net&dtd=85
Frame ID: 1AF36315945B2559FFC881325CEF7FB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&adk=1812271804&adf=3025194257&lmt=1619546717&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716921&bpp=1&bdt=1716&idt=86&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90%2C300x600%2C0x250&nras=1&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=89
Frame ID: FF6B5E294056A680A3EBC0625C9D3A88
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B7AFDC55091A47556C49C98801257806
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html
Frame ID: 1CF2ED5155649C98C7AC48D078E2219D
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=COjdqdaBn_ACFXjyuwgdiKECFg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3786979604;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 3E9E28251B75A1CC2DAB2F2F633246F6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DD4CDC59EDC866B69DA754A941C484D5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: 3DDF36574C21CEAF3C9FAD61CB4D1B9C
Requests: 1 HTTP requests in this frame

Frame: https://muaban.api.useinsider.com/worker-new.html
Frame ID: F7D5D0D357EEB9A1ABF830C9A42BEF2D
Requests: 1 HTTP requests in this frame

Frame: https://sp.zalo.me/plugins/share?dev=null&color=blue&oaid=579745863508352884&href=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&layout=1&customize=true&callback=null&id=41a67768-7b25-4ef5-be14-d4ae41ffcef5&domain=muaban.net&android=false&ios=false
Frame ID: 739697C1DE8E34EB7B93EBB3E226ED4A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

103
Requests

99 %
HTTPS

81 %
IPv6

18
Domains

27
Subdomains

37
IPs

4
Countries

1099 kB
Transfer

3157 kB
Size

1
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://id.muaban.net/?t=637551659738913108
Title: Đăng nhập

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/dich-vu-tin-dang-online/
Title: Tin quảng cáo

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/mo-rong-mang-luoi-dai-ly-diem-nhan-tin-khu-vuc-ha-noi-va-lan-can/
Title: Mở rộng mạng lưới đại lý - điểm nhận tin tại Hà Nội và lân cận

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/gioi-thieu/
Title: Giới thiệu

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/quy-che-hoat-dong/
Title: Quy chế hoạt động

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/dieu-khoan-su-dung/
Title: Điều khoản sử dụng

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/tro-giup/nguoi-mua/
Title: Mua hàng an toàn

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/tin-tuc/
Title: Tin tức & khuyến mãi

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/tag/dang-tin-muaban-net/
Title: Hỗ trợ đăng tin

Search URL Search Domain Scan URL

URL: https://congty.muaban.net/tag/thanh-toan/
Title: Hướng dẫn thanh toán

Search URL Search Domain Scan URL

URL: https://epaper.muaban.net/ho-chi-minh.htm
Title: Báo Mua&Bán TPHCM

Search URL Search Domain Scan URL

URL: https://epaper.muaban.net/ha-noi.htm
Title: Báo Mua&Bán Hà Nội

Search URL Search Domain Scan URL

URL: https://blog.muaban.net/
Title: Cẩm Nang Mua Bán

Search URL Search Domain Scan URL

URL: https://mogi.vn/tim-moi-gioi
Title: Môi giới Bất động sản

Search URL Search Domain Scan URL

URL: https://mogi.vn/gia-nha-dat
Title: Giá nhà đất

Search URL Search Domain Scan URL

URL: https://apps.apple.com/vn/app/mua-ban-%C4%91%C4%83ng-tin-rao-v%E1%BA%B7t/id1034726283

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=net.muaban.docbao

Search URL Search Domain Scan URL

URL: https://www.facebook.com/baomuaban

Search URL Search Domain Scan URL

URL: http://youtube.com/c/baomuabantv

Search URL Search Domain Scan URL

URL: https://zalo.me/2756777849210475923

Search URL Search Domain Scan URL

URL: http://online.gov.vn/HomePage/WebsiteDisplay.aspx?DocId=9110

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3786979604;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=COjdqdaBn_ACFXjyuwgdiKECFg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3786979604;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 45

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

103 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450 Show response
muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/ 98 KB
27 KB 1349ms
1298ms Document
text/html 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afbc2179595836cb069ce7a28ecb5e591e9128c1a41c37b74235e88024910c90

Request headers

:method: GET
:authority: muaban.net
:scheme: https
:path: /lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713; expires=Thu, 27-May-21 18:05:13 GMT; path=/; domain=.muaban.net; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age=300
vary: Accept-Encoding
x-cache: HIT
cf-cache-status: MISS
cf-request-id: 09b61ac73100001f292b9df000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6469fa51e9381f29-FRA
content-encoding: gzip

GET
H2 200 detail2.min.css
muaban.net/Content/ 8 KB
3 KB 34ms
34ms Stylesheet
text/css 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/Content/detail2.min.css?v=20210415
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79dd3703fe742a95c8fe621e74a5dd5596d99dc3e5fdefcb1f8c2f12e4e22a06

Request headers

:path: /Content/detail2.min.css?v=20210415
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 712580
x-cache: MISS
content-length: 2423
cf-request-id: 09b61acc4a00001f2948891000000001
last-modified: Wed, 07 Apr 2021 01:48:32 GMT
server: cloudflare
etag: "95a0a71d502bd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6469fa5a09f51f29-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38915c5dc1e45b8236888c33371c08cb547c7bfa9d3edfbf54e2a6c7042a2127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48208
x-xss-protection: 0
server: cafe
etag: 3202113108096534364
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 18:05:15 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 32ms
14ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53d498637d3729f9082115b547255e3741d328021543c3cc38814a1112a26901

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1964
etag: W/"d199313092146033fbc76e9fc961ead7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6469fa5a3e0d16e6-FRA
cf-request-id: 09b61acc62000016e6853e7000000001
expires: Fri, 30 Apr 2021 18:05:15 GMT

GET
H2 200 Layout.js Show response
muaban.net/ScriptsApp/Views/ 6 KB
2 KB 30ms
28ms Script
application/javascript 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/ScriptsApp/Views/Layout.js?v=20210415
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e260862291123471876481d6cac0cb31c1e91102dc105fa8d78dd7749230f703

Request headers

:path: /ScriptsApp/Views/Layout.js?v=20210415
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 474160
cf-polished: origSize=9061
x-cache: MISS
cf-request-id: 09b61acc5500001f291d92f000000001
last-modified: Mon, 12 Apr 2021 02:23:51 GMT
server: cloudflare
etag: W/"b2dfde0422fd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
cf-ray: 6469fa5a1a0d1f29-FRA
cf-bgj: minify

GET
H2 200 424af9b173b04d66a3da9fe2dc44b46c.jpg
cloud.muaban.net/images/thumb-detail/2021/04/27/031/ 58 KB
59 KB 1667ms
1635ms Image
image/jpeg 2606:4700:10::6816:1382
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.muaban.net/images/thumb-detail/2021/04/27/031/424af9b173b04d66a3da9fe2dc44b46c.jpg
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1382 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24fd25e112d3e772e9fd6025392f043b7d8ead61d9ab87e10f62dea7b131d69c

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:16 GMT
cf-cache-status: MISS
server: cloudflare
apigw-requestid: edHOaj-KSQ0EJMw=
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536001
x-error
accept-ranges: bytes
cf-ray: 6469fa5a4a2ec2bd-FRA
content-length: 59795
cf-request-id: 09b61acc6e0000c2bdd895b000000001

GET
H2 200 1x1.gif
muaban.net/content/images/ 43 B
199 B 29ms
27ms Image
image/gif 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://muaban.net/content/images/1x1.gif
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:path: /content/images/1x1.gif
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
cf-cache-status: HIT
age: 607238
cf-polished: status=not_needed
x-cache: MISS
content-length: 43
cf-request-id: 09b61acc5500001f29711b8000000001
last-modified: Fri, 08 Jun 2018 02:47:50 GMT
server: cloudflare
etag: "3d3d3f17d3fed31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6469fa5a1a141f29-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 fd2489c5648a4412a4ad830b0bb35e54.jpg
cloud.muaban.net/images/thumb-glist/2021/02/24/147/ 6 KB
6 KB 57ms
25ms Image
image/jpeg 2606:4700:10::6816:1382
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.muaban.net/images/thumb-glist/2021/02/24/147/fd2489c5648a4412a4ad830b0bb35e54.jpg
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1382 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb1d22ee777fbb68261ae5849edcabb1c41d52af0116ba859ed2f87c2d8755f

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
cf-cache-status: HIT
age: 10985
cf-polished: origSize=6269
x-error
content-length: 6066
cf-request-id: 09b61acc6e0000c2bdf90d9000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
apigw-requestid: ecsZ7ikfyQ0EPEQ=
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536001
accept-ranges: bytes
cf-ray: 6469fa5a4a2fc2bd-FRA

GET
H2 200 cho-quang-cao-1.png
muaban.net/Content/images/qc/ 9 KB
10 KB 20ms
18ms Image
image/png 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://muaban.net/Content/images/qc/cho-quang-cao-1.png
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ef6932c99bd03d97119937b64466fe4ad67f811e0a78945543dacfd11220fb8

Request headers

:path: /Content/images/qc/cho-quang-cao-1.png
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
cf-cache-status: HIT
age: 389455
cf-polished: origSize=9794
x-cache: MISS
content-length: 9662
cf-request-id: 09b61acc5500001f2932854000000001
last-modified: Mon, 30 Nov 2020 08:17:33 GMT
server: cloudflare
etag: "f60f040f1c6d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6469fa5a1a171f29-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 mbn.svg
muaban.net/fonts/ 4 KB
2 KB 31ms
29ms Other
image/svg+xml 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/fonts/mbn.svg
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 264b6c933f181b4a2f907d105d872ae19bd0da391c1cef8532388c5f86b93413

Request headers

:path: /fonts/mbn.svg
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Mar 2020 02:04:02 GMT
server: cloudflare
age: 402
etag: W/"e88cb2b80f6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=900
cf-ray: 6469fa5a1a1a1f29-FRA
cf-request-id: 09b61acc5500001f295d0f0000000001

GET
H2 200 siema.min.js Show response
muaban.net/scripts/ 12 KB
4 KB 28ms
27ms Script
application/javascript 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/scripts/siema.min.js?v=20210415
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ebfa996e00b5996c405b134e1efe921ef064d8185810e5ad6a7b71155dcde56

Request headers

:path: /scripts/siema.min.js?v=20210415
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 712580
x-cache: MISS
content-length: 3813
cf-request-id: 09b61acc5500001f2952801000000001
last-modified: Wed, 13 May 2020 07:21:52 GMT
server: cloudflare
etag: "b6c2722cf728d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6469fa5a1a1d1f29-FRA

GET
H2 200 lozad.min.js Show response
muaban.net/scripts/ 3 KB
2 KB 32ms
31ms Script
application/javascript 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/scripts/lozad.min.js?v=20210415
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cb0dcf2f6ec0615a804858f8a0bc47cd3a68977ace2eb937f1848c0dec69b1a

Request headers

:path: /scripts/lozad.min.js?v=20210415
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 712580
x-cache: MISS
content-length: 1428
cf-request-id: 09b61acc6600001f29458cb000000001
last-modified: Tue, 10 Mar 2020 02:04:02 GMT
server: cloudflare
etag: "ed8bc2b80f6d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6469fa5a3a531f29-FRA

GET
H2 200 Detail.js Show response
muaban.net/ScriptsApp/Views/ 19 KB
5 KB 29ms
26ms Script
application/javascript 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/ScriptsApp/Views/Detail.js?v=20210415
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2cb6eea5e458f9920467e536edae265d5b38114ed4c1013442f5854f6cde650

Request headers

:path: /ScriptsApp/Views/Detail.js?v=20210415
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 712580
cf-polished: origSize=28245
x-cache: MISS
cf-request-id: 09b61acc7400001f2913806000000001
last-modified: Fri, 16 Apr 2021 05:43:57 GMT
server: cloudflare
etag: W/"45c24d7e8332d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
cf-ray: 6469fa5a5a791f29-FRA
cf-bgj: minify

GET
H2 200 mbn-qrcode.png
muaban.net/Content/images/qrcode/ 2 KB
2 KB 28ms
26ms Image
image/png 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://muaban.net/Content/images/qrcode/mbn-qrcode.png
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b49b514d1205276e6748e4d00a867a63b02d2d3f112559e76657fc405ac06bd1

Request headers

:path: /Content/images/qrcode/mbn-qrcode.png
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
cf-cache-status: HIT
age: 474159
cf-polished: origSize=2804
x-cache: MISS
content-length: 1885
cf-request-id: 09b61acc7400001f295c07a000000001
last-modified: Fri, 08 Jun 2018 02:47:54 GMT
server: cloudflare
etag: "fb26d319d3fed31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6469fa5a5a7c1f29-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 gov.png
muaban.net/content/images/ 10 KB
10 KB 20ms
18ms Image
image/png 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://muaban.net/content/images/gov.png
Requested by: Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8516fdd9140b30ce114cbe6d7d8b92ea81c99fca498cca52f862ddac1b63a823

Request headers

:path: /content/images/gov.png
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:15 GMT
cf-cache-status: HIT
age: 474158
cf-polished: origSize=15424
x-cache: MISS
content-length: 9924
cf-request-id: 09b61acc7400001f2957802000000001
last-modified: Mon, 24 Jun 2019 03:47:44 GMT
server: cloudflare
etag: "ebe08e943f2ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6469fa5a5a7d1f29-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 UserLogin Show response
muaban.net/info/ 24 B
108 B 1067ms
1067ms Fetch
application/json 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/info/UserLogin?rd=0.8917008971572236
Requested by: Host: muaban.net
URL: https://muaban.net/ScriptsApp/Views/Layout.js?v=20210415
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f547f347c4f3c8feed01bf528952a1f05e993f6a492576b4e4ffe968476dfd

Request headers

:path: /info/UserLogin?rd=0.8917008971572236
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:17 GMT
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
cache-control: private
accept-ranges: bytes
cf-ray: 6469fa649f821f29-FRA
content-length: 24
cf-request-id: 09b61ad2dd00001f29501d2000000001

GET
H2 200 Detail2 Show response
muaban.net/info/ 48 B
274 B 1039ms
1039ms Fetch
application/json 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/info/Detail2?rd=0.4713311206583357&classifiedId=62438450
Requested by: Host: muaban.net
URL: https://muaban.net/ScriptsApp/Views/Detail.js?v=20210415
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b716b185297254c2898e71edcc8986481f8a4d71721f00f4b0c26c9364654a0

Request headers

:path: /info/Detail2?rd=0.4713311206583357&classifiedId=62438450
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:17 GMT
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
cache-control: private
set-cookie: MBNClientId=cb16750f-7f11-49cb-ad36-93b69657b67e; expires=Sun, 27-Apr-2121 18:05:17 GMT; path=/
cf-ray: 6469fa649f851f29-FRA
cf-request-id: 09b61ad2de00001f2948924000000001

GET
H2 200 image.png
muaban.net/Content/images/introAppMB/ 5 KB
5 KB 21ms
21ms Image
image/png 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://muaban.net/Content/images/introAppMB/image.png
Requested by: Host: muaban.net
URL: https://muaban.net/Content/detail2.min.css?v=20210415
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0a00a6dede9a19d80f4b830a6178aee60f648b5d4b58ac72ffff39a00e36bc

Request headers

:path: /Content/images/introAppMB/image.png
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: muaban.net
referer: https://muaban.net/Content/detail2.min.css?v=20210415
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/Content/detail2.min.css?v=20210415
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:16 GMT
cf-cache-status: HIT
age: 391778
cf-polished: origSize=6875
x-cache: MISS
content-length: 4872
cf-request-id: 09b61ad2e200001f292f32d000000001
last-modified: Fri, 08 Jun 2018 02:47:53 GMT
server: cloudflare
etag: "acfef618d3fed31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6469fa649f901f29-FRA
cf-bgj: imgq:100,h2pri

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ 223 KB
83 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3000426983537206&plah=muaban.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 18:05:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/ Frame 825F 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210422/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://muaban.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://muaban.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 26 Apr 2021 19:34:12 GMT
expires: Mon, 10 May 2021 19:34:12 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 81064
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
639 B 38ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=muaban.net&callback=_gfp_s_&client=ca-pub-3000426983537206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3000426983537206&plah=muaban.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

c2b70af99c3ce932305e43d8ee1874d5ca18f185d431de495880dcb84dd2482f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=muaban.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 18:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=muaban.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 18:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0FC 113 KB
35 KB 403ms
401ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=90&slotname=8303536901&adk=3952930891&adf=4256982266&pi=t.ma~as.8303536901&w=672&lmt=1619546716&rafmt=12&psa=0&format=672x90&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716908&bpp=8&bdt=1703&idt=61&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6184824241837&frm=20&pv=2&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=304&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Wcm2JFfNO&p=https%3A//muaban.net&dtd=76

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3273182bd422a89d6800c0f09ddca2b73128f57172e929f6d0d720903275234

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLD7jtaBn_ACFQfDuwgdddMLmg&gqi=XVKIYL8f1dnfA73dk-AI&layout=/sadbundle/%24csp%253Der3%24/7341577972064756845/468x60/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3000426983537206&output=html&h=90&slotname=8303536901&adk=3952930891&adf=4256982266&pi=t.ma~as.8303536901&w=672&lmt=1619546716&rafmt=12&psa=0&format=672x90&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716908&bpp=8&bdt=1703&idt=61&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6184824241837&frm=20&pv=2&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=304&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Wcm2JFfNO&p=https%3A//muaban.net&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://muaban.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://muaban.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLD7jtaBn_ACFQfDuwgdddMLmg&gqi=XVKIYL8f1dnfA73dk-AI&layout=/sadbundle/%24csp%253Der3%24/7341577972064756845/468x60/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Apr 2021 18:05:17 GMT
server: cafe
content-length: 35583
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Apr-2021 18:20:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 18:05:17 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 26ms
25ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d4b15c20926ee0d2197fd411f6d77c8e5ae286e1b08efb7ba8ab3ca0e0902a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 18:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6986
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Tue, 27 Apr 2021 18:05:16 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1798 76 KB
24 KB 488ms
488ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=600&slotname=1188707486&adk=3232104161&adf=3072462398&pi=t.ma~as.1188707486&w=300&fwrn=4&fwrnh=100&lmt=1619546716&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716917&bpp=3&bdt=1712&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iwTgNS9y08&p=https%3A//muaban.net&dtd=79

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

515c9387d795aa4d00777297ec8b2626b6974781fe4004c95abba1cae32dc598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3000426983537206&output=html&h=600&slotname=1188707486&adk=3232104161&adf=3072462398&pi=t.ma~as.1188707486&w=300&fwrn=4&fwrnh=100&lmt=1619546716&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716917&bpp=3&bdt=1712&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iwTgNS9y08&p=https%3A//muaban.net&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://muaban.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://muaban.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Apr 2021 18:05:17 GMT
server: cafe
content-length: 24500
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Apr-2021 18:20:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 18:05:17 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AF3 399 B
222 B 132ms
132ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=250&slotname=2827848940&adk=3525220402&adf=181143286&pi=t.ma~as.2827848940&w=0&lmt=1619546717&rafmt=12&psa=0&format=0x250&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716920&bpp=1&bdt=1715&idt=81&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90%2C300x600&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfiLFNXDOP&p=https%3A//muaban.net&dtd=85

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

351eba3d97591361dd65cd3f3d7acf6f47367c33c52acb7deb60f1f999890554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3000426983537206&output=html&h=250&slotname=2827848940&adk=3525220402&adf=181143286&pi=t.ma~as.2827848940&w=0&lmt=1619546717&rafmt=12&psa=0&format=0x250&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716920&bpp=1&bdt=1715&idt=81&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90%2C300x600&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=hfiLFNXDOP&p=https%3A//muaban.net&dtd=85
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://muaban.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://muaban.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Apr 2021 18:05:17 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Apr-2021 18:20:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 18:05:17 GMT
cache-control: private

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&tn=HEADER&cls=navbar&ign=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF6B 0
19 B 16ms
16ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&adk=1812271804&adf=3025194257&lmt=1619546717&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716921&bpp=1&bdt=1716&idt=86&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90%2C300x600%2C0x250&nras=1&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=89

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3000426983537206&output=html&adk=1812271804&adf=3025194257&lmt=1619546717&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716921&bpp=1&bdt=1716&idt=86&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90%2C300x600%2C0x250&nras=1&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://muaban.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://muaban.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 18:05:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Apr-2021 18:20:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 18:05:17 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 27 Apr 2021 18:05:17 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B7AF 12 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://muaban.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://muaban.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 27 Apr 2021 17:12:20 GMT
expires: Wed, 27 Apr 2022 17:12:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3177
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame B7AF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 07:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 37803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Wed, 27 Apr 2022 07:35:14 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=3541983712337132&bg=!3d6l3prNAAZUuIlwVLg7ACkAdvg8WrzzWEEP6TCtarxyy98wjgQ4J0sdZZgifhRhDWeB-eadrYodaAIAAABPUgAAAAxoAQcKAXM0plUIoch_SjX00lA3sDV521wMWZ1D6l2dXA1KGZFYNxXep6K49A69jhm1ONB_3Ja99O9vn7zCWjWuoCHYC_eb78Cj8uZh7Iy_VJEDDFMFTg2lUs-3FISxvXfY-FijVrO1dI2_xQfvOzkD3OYZzR8eAoBIDXnv8dSV9nmiyd329sAZunMuPJ38d68qP1fgPJ1fkCM5xIQSoHisfBREBI-ZGSqfa3kYofe2SwKGw6tvMk7vtAntinDhykd_JzJHJoaQhbk2ddarP0FWC1K8P7Y8wyKab2LPQMTnt1L9L-RLSyiDtdFxgHavS3T4CpHTVyc4bS-Fo0no6vzoAjGCs8nZp-AF_qe0U7frIsHNiMgUQUWJfkrBVR4KECQyX1hYPawzgapA35d7Cirbu0QgYTrgGqlznWQTUCfYCu-g0aGel4Xyr0Yx8uRpIc15H-BspUtWEij8Rzith3EWolANqCt9ymNNdnjl-3JQWCHZIYSPxQEEaZkCHauGhNYQ8gXXf4ci-WiWGcH9ZswABhD8QM4g8lrfZ0sEoikR-LYzbi7o92jzi_jRISbpsM0lZQpZgmgJHDvZD3gcdmQnorksqmuxNg0WIwXl8MeILgVSAnH85eOvkXJhgVWYe5xpAIq-CwbbAWqvXJJ8AhTm3sKzMlOSU1jLrDfu8aAliimE_5MYgjMFqFAsSAfr19qR28ZFinVHkp_w5pgkbBiGQt0yw_BKOoVvX_TmA8lHi9kHxHqHHXxhicwPE1Uh8I4ZZSzk7ZTaLCDgmbky-6DJuISTTB5q4joXxWOp64Cft_IsiaeEYj-a1uoOVi-thM_P8yV3UCQwBaO_5uk4MKn4QAqRE_bpbXPocOyAN7uAlYbo2xjv_qvnV0F0qWnwjCCYhSCsuN9E-eE7fmJevyXZYFGTA7fIEE9B2xnCscE5UR7VGgVMZ0CTT_8eZ2up_RwKazm3DAI0TBhpUAWtKqD_wbqDmcPZJ866iJumh5VY1JL3xTqpDnuxkuuIk-uX1vCZYkQiCdMYAhNMlI8Cwioo-S124fod2WIheNAq1lJ6HvDfmAGlDVEPj7lJwuf3DEZjCqMs7_aNAPucKV0fdE3fdsv2pbzuz9CgD4kcUgnnKoYO8jcUxQe8WOYQjXHc_Tbyd-tTs1TLilxPNPjxv9ijsrLQncbncioxd3GEpYg9lAS_0ekr37tqPHn-ZC5UC3oTXu9jB4_cX_0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/ Frame 1CF2 2 KB
897 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html

Requested by

Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a5068f5c7ebfc8634d949ce1f83fbd6b789bef1c79bfe9667eed4e1bc73a0f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 869
date: Thu, 22 Apr 2021 00:09:26 GMT
expires: Fri, 22 Apr 2022 00:09:26 GMT
last-modified: Thu, 18 Feb 2021 08:51:12 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 496551
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

B25368779.296294406;dc_pre=COjdqdaBn_ACFXjyuwgdiKECFg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3786979604;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 3E9E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3786979604;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=COjdqdaBn_ACFXjyuwgdiKECFg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3786979604;dc_lat=;dc_rdid=;tag...

42 B
63 B

43ms
28ms

Fetch
image/gif

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=COjdqdaBn_ACFXjyuwgdiKECFg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3786979604;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=90&slotname=8303536901&adk=3952930891&adf=4256982266&pi=t.ma~as.8303536901&w=672&lmt=1619546716&rafmt=12&psa=0&format=672x90&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716908&bpp=8&bdt=1703&idt=61&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6184824241837&frm=20&pv=2&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=304&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Wcm2JFfNO&p=https%3A//muaban.net&dtd=76

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25368779.296294406;dc_pre=COjdqdaBn_ACFXjyuwgdiKECFg;dc_trk_aid=489585069;dc_trk_cid=146350521;ord=3786979604;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E9E 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1okLXVKIYPBYh4bv9Q_1pq_QCZjBoeVhr-i2xOYN29keEAEgtMi9bGCVAqAB9Li_xQPIAQmoAwHIA0iqBJwCT9DazHC6YhfnJ_Gp_48evJMVlCVg45nuE73_O_BsbMQSmknAwQqOCeIFWZ07pr_sAu8DN7N3Rr2R8lRNg3egJPH7uSkXBHxqN9QbxXxAnm7q4YhYgpdG0Ie48e2MHcqvroCLvOPR9dpZ-bj5jxcqLTdkoNolEElnHmIE0PSLXiYyZljWNT7RcWkJ4hjnb2xD2GPJfeu4mjVOoz4hRSFwgttOLs4AtXyHaOhdtPhECiKvyemYJU7b2ziZiU8sty9NBrIdlI7O-pFNXhEstXm-ZN_embPz2Q5gAW5D6qt3Jrn19wH-pO9jGQv4blVJ6sIR-cwI_eEUEtLjcD3_0lcViTO9rdcFI3j3n2rqiStD_WwaHgDXiT8Lz4MJRrrABN-xhrO0A5IFBAgEGAGSBQQIBRgEoAYugAfsoaimAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDYV9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0zMDAwNDI2OTgzNTM3MjA2&sigh=KsylHT1NYOQ&template_id=419

Requested by

Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=90&slotname=8303536901&adk=3952930891&adf=4256982266&pi=t.ma~as.8303536901&w=672&lmt=1619546716&rafmt=12&psa=0&format=672x90&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716908&bpp=8&bdt=1703&idt=61&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6184824241837&frm=20&pv=2&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=304&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Wcm2JFfNO&p=https%3A//muaban.net&dtd=76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 27 Apr 2021 18:05:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Apr 2021 18:05:17 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 3E9E 17 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 18:01:17 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 3E9E 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 18:04:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E9E 116 KB
35 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Tue, 27 Apr 2021 18:05:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 3E9E 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 18:04:58 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 1CF2 9 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Apr 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1CF2 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 27 Apr 2021 23:11:01 GMT

GET
H3-29 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/ Frame 1CF2 140 KB
39 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 57685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40127
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 08:51:12 GMT
server: sffe
date: Tue, 27 Apr 2021 02:03:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 02:03:52 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD4C 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=90&slotname=8303536901&adk=3952930891&adf=4256982266&pi=t.ma~as.8303536901&w=672&lmt=1619546716&rafmt=12&psa=0&format=672x90&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716908&bpp=8&bdt=1703&idt=61&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6184824241837&frm=20&pv=2&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=304&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Wcm2JFfNO&p=https%3A//muaban.net&dtd=76
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=90&slotname=8303536901&adk=3952930891&adf=4256982266&pi=t.ma~as.8303536901&w=672&lmt=1619546716&rafmt=12&psa=0&format=672x90&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716908&bpp=8&bdt=1703&idt=61&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6184824241837&frm=20&pv=2&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=304&ady=1807&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7Wcm2JFfNO&p=https%3A//muaban.net&dtd=76

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 27 Apr 2021 17:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 502
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/ Frame 1CF2 168 KB
18 KB 21ms
7ms XHR
application/json 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7341577972064756845/468x60/lottie_light.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c3c88a789def78c3f6caf29cc9089a3269dcab372d1daf85f072dc69bd4e74

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 417342
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18166
x-xss-protection: 0
last-modified: Thu, 18 Feb 2021 08:51:12 GMT
server: sffe
date: Thu, 22 Apr 2021 22:09:35 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 22:09:35 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD4C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

42ms
41ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkL0OfwZDtpd5jB6BaXbesqN8_cp1UmvP4cF9knL79t7nXexNot3tyFbGuUuHw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 18:05:17 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 27-Apr-2021 19:05:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Apr 2021 18:05:17 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 27 Apr 2021 18:05:17 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3E9E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ef3dcb6b8d75ab0d9a82d83b7398d70ae07e02295934ddbe67fecf6dafb153c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 1798 3 KB
578 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=600&slotname=1188707486&adk=3232104161&adf=3072462398&pi=t.ma~as.1188707486&w=300&fwrn=4&fwrnh=100&lmt=1619546716&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716917&bpp=3&bdt=1712&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iwTgNS9y08&p=https%3A//muaban.net&dtd=79

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 17:06:41 GMT
server: ESF
date: Tue, 27 Apr 2021 18:05:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 18:05:17 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/ Frame 1798 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 18:04:42 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 1798 1 KB
910 B 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 17:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 17:59:55 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 1798 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 18:01:17 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 1798 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 18:04:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1798 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Tue, 27 Apr 2021 18:05:17 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 1798 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 18:04:58 GMT

GET
H2 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame 1798 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 13:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 12:42:48 GMT
server: sffe
age: 536611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Tue, 20 Jul 2021 13:01:46 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CF2 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 07:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 37803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Wed, 27 Apr 2022 07:35:14 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1018797314796343536/ Frame 1798 14 KB
14 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1018797314796343536/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

543fb8dee3e8c98880956dbc1a30d18cd827ec07e86e8772a6868e3aaafe1b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:45:29 GMT
x-content-type-options: nosniff
age: 440388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14522
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 12:06:15 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 15:45:29 GMT

GET
DATA 200
OK truncated
/ Frame 1798 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1798 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdZw3XVKIYNZwlo3v9Q-Gy7PQApq0vbdipdL2mrwN2tkeEAEgtMi9bGCVAqAB1-2jxwHIAQmpAr8ZF4zrRrQ-qAMByAPLBKoEowJP0J0TVl5qxuLk-Qgs3-BvT5N5kpOOBJNHNPXvvw-42BQwfBHmOwAdA_Yd25UGsH7FXMe42NQLBifGtErkKmeUN6vqzwfBI91ll8LxqtWCqKF5AuAEvD7GFaXOdqDqO8Rxkd17snFGGisNTKfUYsCWGWNoElgyiCa1Ams8ne4-d_-zRgSmTiP5xkeeoG0AU9h6qUm9dlcKN3zxo5uMcXb9pR08iXfbwABpiBm0WGOT3qDsbtHMeE0m3Dc7R_pivjnwNh3l1agkNf2m62Vzoofu6Pb9ZzbybVBjnU4rmN1GsERPbQ6x9DtF55DHBKkXqofUULABbZkNipnQL69gkvukbLQpV8EbxUW4bYnURdknJ64_HtH881kpRRYtcEaUAm4y8PPABK6e7o_EA5IFBAgEGAGSBQQIBRgEoAYugAeRkty4AqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCJmiDSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNshcaChgIABIUcHViLTMwMDA0MjY5ODM1MzcyMDY&sigh=d0bX8-axtus&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3000426983537206&output=html&h=600&slotname=1188707486&adk=3232104161&adf=3072462398&pi=t.ma~as.1188707486&w=300&fwrn=4&fwrnh=100&lmt=1619546716&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619546716917&bpp=3&bdt=1712&idt=76&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=672x90&correlator=6184824241837&frm=20&pv=1&ga_vid=953050923.1619546717&ga_sid=1619546717&ga_hid=1029988206&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3541983712337132&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=iwTgNS9y08&p=https%3A//muaban.net&dtd=79
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 27 Apr 2021 18:05:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1798 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 599df00fec0f1deb0cf0a541c0f00a8f4ecc89f21ad47c98b5e828d1e567381d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1798 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 491595
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 22 Apr 2022 01:32:02 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1798 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94Yt9CwZ-Pw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 02:58:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:26 GMT
server: sffe
age: 486390
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15456
x-xss-protection: 0
expires: Fri, 22 Apr 2022 02:58:47 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1798 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 21:23:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 592881
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 20 Apr 2022 21:23:56 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1798 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Awp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:35:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:20 GMT
server: sffe
age: 440975
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15620
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:35:42 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94Yt8CwZ-Pw.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1798 9 KB
9 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94Yt8CwZ-Pw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98e9c0016216aa436a564a8a0a73903edfa3916abbcdf32c241d11bd32126ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 05:02:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:24 GMT
server: sffe
age: 478939
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9636
x-xss-protection: 0
expires: Fri, 22 Apr 2022 05:02:58 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Bwp5MKg.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1798 9 KB
9 KB 18ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Bwp5MKg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ddc0c4a5e5e4bf7fd9f4f06b4f60248b628358aa852635fc71adaee18c08b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 04:11:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:13 GMT
server: sffe
age: 222826
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9404
x-xss-protection: 0
expires: Mon, 25 Apr 2022 04:11:31 GMT

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DDF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 07:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 37803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Wed, 27 Apr 2022 07:35:14 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
43 KB 45ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFP6KV

Requested by

Host: muaban.net
URL: https://muaban.net/ScriptsApp/Views/Layout.js?v=20210415

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4036282c6005583d0b35279943fffe5b45b3e08ae49ccb1483e40dcc037d722b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44179
x-xss-protection: 0
expires: Tue, 27 Apr 2021 18:05:17 GMT

GET
H2 200 LoadUserInsider Show response
muaban.net/info/ 72 B
145 B 1047ms
1046ms Fetch
application/json 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/info/LoadUserInsider?rd=0.18437226131639606
Requested by: Host: muaban.net
URL: https://muaban.net/ScriptsApp/Views/Layout.js?v=20210415
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36ca18d3980fc92f4f4306526e9d71b52603e49ea9859d19e6ae3e3ef1747d11

Request headers

:path: /info/LoadUserInsider?rd=0.18437226131639606
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713; __gads=ID=5290af0490245d53-2225f63fb0a700f3:T=1619546717:RT=1619546717:S=ALNI_MbphXgMF8dqi2YC29l7dsX4cYO2EA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:18 GMT
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 6469fa6adcd41f29-FRA
cf-request-id: 09b61ad6c500001f29528e5000000001

GET
H2 200 GetClassifiedsByUrl Show response
muaban.net/home/ 3 KB
695 B 1012ms
1011ms Fetch
application/json 2606:4700:10::ac43:f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.net/home/GetClassifiedsByUrl?url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123&time=1619546717921
Requested by: Host: muaban.net
URL: https://muaban.net/ScriptsApp/Views/Detail.js?v=20210415
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e2588615d70b899da686cac9d388cd206779b5f4c36eda2ec484b3362b5c2f

Request headers

:path: /home/GetClassifiedsByUrl?url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123&time=1619546717921
pragma: no-cache
cookie: __cfduid=d3202422c3ea0291f88613824777e62261619546713; __gads=ID=5290af0490245d53-2225f63fb0a700f3:T=1619546717:RT=1619546717:S=ALNI_MbphXgMF8dqi2YC29l7dsX4cYO2EA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: muaban.net
referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:18 GMT
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 6469fa6b0d6d1f29-FRA
cf-request-id: 09b61ad6e600001f295c17c000000001

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: muaban.net
URL: https://muaban.net/ScriptsApp/Views/Detail.js?v=20210415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

250234a5eea2241a67b23fb2aae12312d8bf5614957699b58302c2cb7374b144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Dtey3K3zifu5aGsE3yV1uQ==
cross-origin-resource-policy: cross-origin
expires: Tue, 27 Apr 2021 18:06:22 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: fiUv+BHXUDXxeSxmO8lkhb/WRDwin5MDcWc6XEOxj9VvkP2MLXCNXnf2Ju7smSgSugJ3KopBU0+4d+vQxNiMfQ==
x-fb-trip-id: 686109401
x-fb-content-md5: d8fb61152da51273b8ab88e2bc62f067
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 27 Apr 2021 18:05:17 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "683e71f656a747bf4f78f8a5430b355e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 sdk.js Show response
sp.zalo.me/plugins/ 100 KB
28 KB 903ms
218ms Script
text/javascript 49.213.114.132
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.zalo.me/plugins/sdk.js?v=20210415

Requested by

Host: muaban.net
URL: https://muaban.net/ScriptsApp/Views/Layout.js?v=20210415

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

78d3c588c63a796eaaca1c61308cc5587040f8084d8a67af0a3688c8a2ed5da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:18 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
server: za-ngx-srv
etag: 17a523cf790b069f5ab7112134768f8d--gzip
strict-transport-security: max-age=86400
content-type: text/javascript;charset=utf-8

GET
H3-29 200 sdk.js Show response
connect.facebook.net/vi_VN/ 219 KB
65 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=3c9a9be87ac9bd469d5b7f4faf7fe3db&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1153075190159a713c7183c195d2c49d78c55dd921efc5f7cff08ec01ab0ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://muaban.net
Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: i3vulx0x96wOvBr3eq531Q==
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Apr 2022 17:46:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66060
x-fb-rlafr: 0
x-fb-debug: d5OI2hkbvTwBQHyfBOhqrsIMm0gOsgfmQdlbF7n5sj6hAewAkoRcjOTwmE/u4zsUEAb2s8q3WK/ifTHrYjUygA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: cead1482554b9b8e107cc63cf145a2e0
date: Tue, 27 Apr 2021 18:05:17 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "06dd87d3f9401ba7c823115b0646445b"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFP6KV

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1484
date: Tue, 27 Apr 2021 17:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 27 Apr 2021 19:40:33 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 43ms
19ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFP6KV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

3c3873b4b3cc35b18323781fa7884992e5e476fba8da153bb63d55adc572a583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13898
x-xss-protection: 0
server: cafe
etag: 2024374664263027787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 18:05:17 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
23 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: muaban.net
URL: https://muaban.net/lao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123/goi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: L7HgapbWDhcDx0wZZyuip2f/hLBrjjzcTx5pxb1pO1Y2p+w+VxhHeHGaqJV4vHTGfjc8GbajLStroXjB29wFAw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 27 Apr 2021 18:05:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ins.js Show response
muaban.api.useinsider.com/ 382 KB
83 KB 95ms
47ms Script
application/javascript 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.api.useinsider.com/ins.js?id=10002490
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFP6KV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b089806691bb379126f31b663ab1e1ff34d0f05324ca429eded67c6a99a520

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 6822
content-type: application/javascript; charset=UTF-8
x-amz-request-id: BBAB08YJ8B69ZW51
x-amz-id-2: 9ETPDvvCf8CZXeXncFrncz3X6Q0hYNmptXoyV6eL2wDvw4KHI5NSmqc3APi3nrRdCXlWz15esAM=
last-modified: Tue, 27 Apr 2021 16:11:09 GMT
server: cloudflare
etag: W/"d37711b8ada2bc77f0941c197397b120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: paHeaw8e.yoD5m6YIGmo7ts05vr7J_dm
access-control-allow-origin: *
cache-control: public, max-age=300
cf-request-id: 09b61ad7480000d6cdb42e8000000001
cf-ray: 6469fa6bad7dd6cd-FRA
expires: Tue, 27 Apr 2021 18:10:18 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 17:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2508
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 2021 18:23:29 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1029988206&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&ul=en-us&de=UTF-8&dt=G%C3%B3i%20ch%E1%BA%A3%20gi%C3%B2%20%2Ch%C3%A1%20c%E1%BA%A3o%20kh%C3%B4ng%20c%E1%BA%A7n%20kinh%20nghi%E1%BB%87m&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=mbn-detail&ea=detail-view&el=62438450&_u=YAhAAAAjQAAAAC~&jid=111084684&gjid=1136687009&cid=953050923.1619546717&tid=UA-732298-1&_gid=354495624.1619546718&_r=1&gtm=2wg4e1KFP6KV&z=1404933785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://muaban.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WZPZCK8&t=gtm4&cid=953050923.1619546717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a246ecaf987217f2ee6e80c72c82a4aa879b69dce4df597fedf8d426101db892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35940
x-xss-protection: 0
expires: Tue, 27 Apr 2021 18:05:18 GMT

GET
H3-29 200 508542283305831 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 108ms
108ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/508542283305831?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

008c49e54bd2b2747518b1e681e5eead38133d818cde0f1a085f972404b31887

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: KaWluYVpw6AEOdgCtgF40E3ZDvSxXoxmGSFnE/tNzIP5aGlASLdTRcVM8Btr6G0/Nnv2X1+Uolu6oqjvaBq/fQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 27 Apr 2021 18:05:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=111084684&gjid=1136687009&_gid=354495624.1619546718&_u=YAhAAAAiQAAAAC~&z=244926359

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Apr 2021 18:05:18 GMT
content-type: text/plain
access-control-allow-origin: https://muaban.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1047944096/ 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1047944096/?random=1619546718028&cv=9&fst=1619546718028&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4e1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&tiba=G%C3%B3i%20ch%E1%BA%A3%20gi%C3%B2%20%2Ch%C3%A1%20c%E1%BA%A3o%20kh%C3%B4ng%20c%E1%BA%A7n%20kinh%20nghi%E1%BB%87m&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f70d26ad8d0eff699cf2f3fd6d6b438ce6e2667c1737e63537b35079acdcd65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1120
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=111084684&_u=YAhAAAAiQAAAAC~&z=164864393

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=111084684&_u=YAhAAAAiQAAAAC~&z=164864393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 30ms
14ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=701170997&gjid=750102314&_gid=354495624.1619546718&_u=aCjAgEAjQAAAAG~&z=679262042

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Apr 2021 18:05:18 GMT
content-type: text/plain
access-control-allow-origin: https://muaban.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1029988206&t=pageview&_s=1&dl=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&ul=en-us&de=UTF-8&dt=G%C3%B3i%20ch%E1%BA%A3%20gi%C3%B2%20%2Ch%C3%A1%20c%E1%BA%A3o%20kh%C3%B4ng%20c%E1%BA%A7n%20kinh%20nghi%E1%BB%87m&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAgEAjQAAAAC~&jid=701170997&gjid=750102314&cid=953050923.1619546717&tid=UA-732298-1&_gid=354495624.1619546718&gtm=2wg4e1KFP6KV&z=2001771063

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 10:07:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28687
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1047944096/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1047944096/?random=1619546718028&cv=9&fst=1619546400000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4e1&sendb=1&frm=0&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&tiba=G%C3%B3i%20ch%E1%BA%A3%20gi%C3%B2%20%2Ch%C3%A1%20c%E1%BA%A3o%20kh%C3%B4ng%20c%E1%BA%A7n%20kinh%20nghi%E1%BB%87m&async=1&fmt=3&is_vtc=1&random=825213509&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1047944096/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1047944096/?random=1619546718028&cv=9&fst=1619546400000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4e1&sendb=1&frm=0&url=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&tiba=G%C3%B3i%20ch%E1%BA%A3%20gi%C3%B2%20%2Ch%C3%A1%20c%E1%BA%A3o%20kh%C3%B4ng%20c%E1%BA%A7n%20kinh%20nghi%E1%BB%87m&async=1&fmt=3&is_vtc=1&random=825213509&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=701170997&_u=aCjAgEAjQAAAAG~&z=1772185306

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 42ms
39ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=701170997&_u=aCjAgEAjQAAAAG~&z=1772185306

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 worker-new.html Show response
muaban.api.useinsider.com/ Frame F7D5 8 KB
3 KB 25ms
23ms Document
text/html 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://muaban.api.useinsider.com/worker-new.html
Requested by: Host: muaban.api.useinsider.com
URL: https://muaban.api.useinsider.com/ins.js?id=10002490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

:method: GET
:authority: muaban.api.useinsider.com
:scheme: https
:path: /worker-new.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://muaban.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://muaban.net/

Response headers

date: Tue, 27 Apr 2021 18:05:18 GMT
content-type: text/html
set-cookie: __cfduid=dc6384b9bf3a624f9ef7624d96da6414d1619546718; expires=Thu, 27-May-21 18:05:18 GMT; path=/; domain=.useinsider.com; HttpOnly; SameSite=Lax
access-control-allow-origin: *
last-modified: Tue, 27 Apr 2021 13:50:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6822
expires: Thu, 13 May 2021 18:05:18 GMT
cache-control: public, max-age=1382400
cf-request-id: 09b61ad7a00000d6cda4335000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6469fa6c3e8ed6cd-FRA
content-encoding: br

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=508542283305831&ev=PageView&dl=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&rl=&if=false&ts=1619546718158&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619546718156.1967523095&it=1619546718022&coo=false&exp=l0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 27 Apr 2021 18:05:18 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 14ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybYSWaJMfgft4WlDo

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 27 Apr 2021 18:05:18 GMT
content-type: text/plain
access-control-allow-origin: https://muaban.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1798 42 B
108 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8EukU4kmg-cQO4FarTqZCPRee_L16EnVsNmvSoNodYbkHudG2_ki52M2CAIfp6IbjCfDHnX73kUn0AzJ74w1t0WWyVlke7-jKNy-nKpyz2DhAI4idmksd8jvRsQ&sai=AMfl-YRYSSwp9vPyc64vQFdb3rvrc3ymyeFIsmNPFz6RLuNAT-ubs4F0fFyyl0op8MzcmZn3fyDOJBuVUH11&sig=Cg0ArKJSzIYJRVyUm4CBEAE&id=lidar2&mcvt=1000&p=349,996,949,1296&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3232104161&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619546717000&dlt=497&rpt=32&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 share Show response
sp.zalo.me/plugins/ Frame 7396 10 KB
2 KB 213ms
212ms Document
text/html 49.213.114.132
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.zalo.me/plugins/share?dev=null&color=blue&oaid=579745863508352884&href=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&layout=1&customize=true&callback=null&id=41a67768-7b25-4ef5-be14-d4ae41ffcef5&domain=muaban.net&android=false&ios=false

Requested by

Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js?v=20210415

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.132 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

d369834aa5062b063fbee0d1feaccbd6b0fd38cca20f62c717e1d81a37512e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:method: GET
:authority: sp.zalo.me
:scheme: https
:path: /plugins/share?dev=null&color=blue&oaid=579745863508352884&href=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&layout=1&customize=true&callback=null&id=41a67768-7b25-4ef5-be14-d4ae41ffcef5&domain=muaban.net&android=false&ios=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://muaban.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://muaban.net/

Response headers

date: Tue, 27 Apr 2021 18:05:19 GMT
content-type: text/html;charset=utf-8
content-length: 1679
vary: Accept-Encoding, User-Agent
content-encoding: gzip
server: za-ngx-srv
strict-transport-security: max-age=86400

GET
H2 200 za.js Show response
stc.za.zaloapp.com/v3/ 40 KB
14 KB 2355ms
424ms Script
application/javascript 120.138.69.5
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://stc.za.zaloapp.com/v3/za.js?18744

Requested by

Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/sdk.js?v=20210415

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

120.138.69.5 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

ptr.vng.vn

Software

nginx /

Resource Hash

277c5203248d7b0588421e17dcf709d4e7112b7d240f012ca94a59c6733dc3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:21 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:53:51 GMT
server: nginx
age: 12479
etag: W/"5f5ae6bf-a00c"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
content-length: 14116
expires: Tue, 27 Apr 2021 18:10:21 GMT

GET
H2 200 sdk-server-1.0.0.js Show response
stc.sp.zdn.vn/ Frame 7396 3 KB
3 KB 920ms
219ms Script
application/javascript 120.138.69.12
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://stc.sp.zdn.vn/sdk-server-1.0.0.js
Requested by: Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/share?dev=null&color=blue&oaid=579745863508352884&href=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&layout=1&customize=true&callback=null&id=41a67768-7b25-4ef5-be14-d4ae41ffcef5&domain=muaban.net&android=false&ios=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.138.69.12 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS: ptr.vng.vn
Software: ZDN /
Resource Hash: d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6

Request headers

Referer: https://sp.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:20 GMT
last-modified: Tue, 13 Oct 2020 04:39:12 GMT
server: ZDN
age: 3484172
etag: "5f852f70-b49"
x-cache-status: HIT
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2889

GET
H2 200 logo_white_s.png
stc.sp.zdn.vn/share/ Frame 7396 1 KB
1 KB 215ms
215ms Image
image/png 120.138.69.12
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stc.sp.zdn.vn/share/logo_white_s.png
Requested by: Host: sp.zalo.me
URL: https://sp.zalo.me/plugins/share?dev=null&color=blue&oaid=579745863508352884&href=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&layout=1&customize=true&callback=null&id=41a67768-7b25-4ef5-be14-d4ae41ffcef5&domain=muaban.net&android=false&ios=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.138.69.12 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS: ptr.vng.vn
Software: ZDN /
Resource Hash: 4a4b977b0663caf3e0cb13ce1ededf3cdb681809e8ea76a1e51985846615d548

Request headers

Referer: https://sp.zalo.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 18:05:20 GMT
last-modified: Tue, 11 Apr 2017 02:24:59 GMT
server: ZDN
age: 4554041
etag: "58ec3e7b-505"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1285

POST
H2 200 _zaf.gif Show response
za.zalo.me/v3/w/ 152 B
722 B 859ms
218ms XHR
application/json 49.213.114.149
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL

https://za.zalo.me/v3/w/_zaf.gif

Requested by

Host: stc.za.zaloapp.com
URL: https://stc.za.zaloapp.com/v3/za.js?18744

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.213.114.149 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),

Reverse DNS

Software

za-ngx-srv /

Resource Hash

0c660cb4073d792d5947a3fe9e0b42148f563e25db0c8bf88a3208d1401037b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubdomains;

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Apr 2021 18:05:22 GMT
server: za-ngx-srv
strict-transport-security: max-age=86400; includeSubdomains;
content-type: application/json; charset=utf-8
access-control-allow-origin: https://muaban.net
access-control-allow-credentials: true
content-length: 152
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
83 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1029988206&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmuaban.net%2Flao-dong-pho-thong-khac-quan-tan-phu-l5923-c1123%2Fgoi-cha-gio-ha-cao-khong-can-kinh-nghiem-id62438450&ul=en-us&de=UTF-8&dt=G%C3%B3i%20ch%E1%BA%A3%20gi%C3%B2%20%2Ch%C3%A1%20c%E1%BA%A3o%20kh%C3%B4ng%20c%E1%BA%A7n%20kinh%20nghi%E1%BB%87m&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Tien%20Ich&ea=Theo%20Doi%20Thoi%20Gian%20Luot&el=10%20Giay&ev=10000&_u=aCjAAEAjQAAAAG~&jid=27207369&gjid=2016816619&cid=953050923.1619546717&tid=UA-732298-1&_gid=61016928.1619546728&_r=1&gtm=2wg4e1KFP6KV&z=1550061860

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://muaban.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=27207369&gjid=2016816619&_gid=61016928.1619546728&_u=aCjAAEAjQAAAAG~&z=2092914185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Apr 2021 18:05:27 GMT
content-type: text/plain
access-control-allow-origin: https://muaban.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
119 B 30ms
29ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=27207369&_u=aCjAAEAjQAAAAG~&z=115934725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-732298-1&cid=953050923.1619546717&jid=27207369&_u=aCjAAEAjQAAAAG~&z=115934725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://muaban.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 18:05:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.muaban.net/	1970-01-19 18:35:38	Name: __cfduid Value: d3202422c3ea0291f88613824777e62261619546713

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://sp.zalo.me/plugins/sdk.js?v=20210415(Line 2) Message: Zalo Social Plugin is loaded successfully

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
cdn.onesignal.com
cloud.muaban.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
muaban.api.useinsider.com
muaban.net
pagead2.googlesyndication.com
partner.googleadservices.com
sp.zalo.me
stats.g.doubleclick.net
stc.sp.zdn.vn
stc.za.zaloapp.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
za.zalo.me
120.138.69.12
120.138.69.5
142.250.185.134
142.250.185.98
216.58.212.162
2606:4700:10::6816:1382
2606:4700:10::ac43:f4e
2606:4700::6811:a772
2606:4700::6812:e234
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:803::2001
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9c
2a00:1450:400c:c0a::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
49.213.114.132
49.213.114.149
008c49e54bd2b2747518b1e681e5eead38133d818cde0f1a085f972404b31887
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b716b185297254c2898e71edcc8986481f8a4d71721f00f4b0c26c9364654a0
0c660cb4073d792d5947a3fe9e0b42148f563e25db0c8bf88a3208d1401037b4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
24fd25e112d3e772e9fd6025392f043b7d8ead61d9ab87e10f62dea7b131d69c
250234a5eea2241a67b23fb2aae12312d8bf5614957699b58302c2cb7374b144
264b6c933f181b4a2f907d105d872ae19bd0da391c1cef8532388c5f86b93413
277c5203248d7b0588421e17dcf709d4e7112b7d240f012ca94a59c6733dc3af
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ef6932c99bd03d97119937b64466fe4ad67f811e0a78945543dacfd11220fb8
351eba3d97591361dd65cd3f3d7acf6f47367c33c52acb7deb60f1f999890554
35e2588615d70b899da686cac9d388cd206779b5f4c36eda2ec484b3362b5c2f
36ca18d3980fc92f4f4306526e9d71b52603e49ea9859d19e6ae3e3ef1747d11
38915c5dc1e45b8236888c33371c08cb547c7bfa9d3edfbf54e2a6c7042a2127
3c3873b4b3cc35b18323781fa7884992e5e476fba8da153bb63d55adc572a583
3eb1d22ee777fbb68261ae5849edcabb1c41d52af0116ba859ed2f87c2d8755f
4036282c6005583d0b35279943fffe5b45b3e08ae49ccb1483e40dcc037d722b
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
47a5068f5c7ebfc8634d949ce1f83fbd6b789bef1c79bfe9667eed4e1bc73a0f
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a4b977b0663caf3e0cb13ce1ededf3cdb681809e8ea76a1e51985846615d548
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
4ebfa996e00b5996c405b134e1efe921ef064d8185810e5ad6a7b71155dcde56
515c9387d795aa4d00777297ec8b2626b6974781fe4004c95abba1cae32dc598
53d498637d3729f9082115b547255e3741d328021543c3cc38814a1112a26901
543fb8dee3e8c98880956dbc1a30d18cd827ec07e86e8772a6868e3aaafe1b05
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58f547f347c4f3c8feed01bf528952a1f05e993f6a492576b4e4ffe968476dfd
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
599df00fec0f1deb0cf0a541c0f00a8f4ecc89f21ad47c98b5e828d1e567381d
5f70d26ad8d0eff699cf2f3fd6d6b438ce6e2667c1737e63537b35079acdcd65
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6ddc0c4a5e5e4bf7fd9f4f06b4f60248b628358aa852635fc71adaee18c08b85
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
78d3c588c63a796eaaca1c61308cc5587040f8084d8a67af0a3688c8a2ed5da7
79dd3703fe742a95c8fe621e74a5dd5596d99dc3e5fdefcb1f8c2f12e4e22a06
7c4e4e0b02318697c2eb4a16c05126c5113eea9f0a4a9a6cb40c8261bbd17ec1
7d4b15c20926ee0d2197fd411f6d77c8e5ae286e1b08efb7ba8ab3ca0e0902a3
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8516fdd9140b30ce114cbe6d7d8b92ea81c99fca498cca52f862ddac1b63a823
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98e9c0016216aa436a564a8a0a73903edfa3916abbcdf32c241d11bd32126ea0
9cb0dcf2f6ec0615a804858f8a0bc47cd3a68977ace2eb937f1848c0dec69b1a
9ef3dcb6b8d75ab0d9a82d83b7398d70ae07e02295934ddbe67fecf6dafb153c
9f0a00a6dede9a19d80f4b830a6178aee60f648b5d4b58ac72ffff39a00e36bc
a246ecaf987217f2ee6e80c72c82a4aa879b69dce4df597fedf8d426101db892
a2c3c88a789def78c3f6caf29cc9089a3269dcab372d1daf85f072dc69bd4e74
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
afbc2179595836cb069ce7a28ecb5e591e9128c1a41c37b74235e88024910c90
b2cb6eea5e458f9920467e536edae265d5b38114ed4c1013442f5854f6cde650
b3273182bd422a89d6800c0f09ddca2b73128f57172e929f6d0d720903275234
b49b514d1205276e6748e4d00a867a63b02d2d3f112559e76657fc405ac06bd1
b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6
c2b70af99c3ce932305e43d8ee1874d5ca18f185d431de495880dcb84dd2482f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d190b33e3768d3d52e4ace23765ec377bbb939773376813d72cc22c298a59f3c
d369834aa5062b063fbee0d1feaccbd6b0fd38cca20f62c717e1d81a37512e41
d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e675024981a396c864a91cd38aa73f01375a10b78740f1eba6ddad76362dd6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1153075190159a713c7183c195d2c49d78c55dd921efc5f7cff08ec01ab0ac1
e260862291123471876481d6cac0cb31c1e91102dc105fa8d78dd7749230f703
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b089806691bb379126f31b663ab1e1ff34d0f05324ca429eded67c6a99a520
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

muaban.net Open in urlscan Pro 2606:4700:10::ac43:f4e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

103 Requests

99 %HTTPS

81 %IPv6

18 Domains

27 Subdomains

37 IPs

4 Countries

1099 kBTransfer

3157 kBSize

1 Cookies

21 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

muaban.net Open in urlscan Pro
2606:4700:10::ac43:f4e Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

99 %
HTTPS

81 %
IPv6

18
Domains

27
Subdomains

37
IPs

4
Countries

1099 kB
Transfer

3157 kB
Size

1
Cookies

103 HTTP transactions
2 data transactions