xmarvel.clix9.com Open in urlscan Pro
13.250.255.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/Vien-Ngam-Sinh-Ly-X-Marvel
Effective URL:
https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Submission Tags: falconsandbox
Submission: On September 30 via api (September 30th 2021, 7:59:19 am UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 27 HTTP transactions. The main IP is 13.250.255.10, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is xmarvel.clix9.com.
TLS certificate: Issued by R3 on September 7th 2021. Valid for: 3 months.

This is the only time xmarvel.clix9.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	13.251.179.142 13.251.179.142	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:d000:0:e30c:c340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.250.255.10 13.250.255.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:c44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	54.169.198.168 54.169.198.168	() ()
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	52.76.58.45 52.76.58.45	() ()
27	10

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.179.142 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-179-142.ap-southeast-1.compute.amazonaws.com

ads000059571.go.scalef.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:d000:0:e30c:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)

i1-cdn.scalef.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.255.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com

xmarvel.clix9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:c44 (United States)

ASN13335 (CLOUDFLARENET, US)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.198.168 (None, )

ASN- ()

service-api.accesstrade.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.76.58.45 (None, )

ASN- ()

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ladicdn.com w.ladicdn.com	4 MB
6	gstatic.com fonts.gstatic.com	148 KB
3	scalef.net 1 redirects ads000059571.go.scalef.net i1-cdn.scalef.net	87 KB
2	ladipage.com a.ladipage.com	560 B
1	youtube.com img.youtube.com	1 KB
1	accesstrade.vn service-api.accesstrade.vn	4 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	clix9.com xmarvel.clix9.com	32 KB
1	bit.ly 1 redirects bit.ly	319 B
27	9

	Domain	Requested by
13	w.ladicdn.com	xmarvel.clix9.com
6	fonts.gstatic.com	fonts.googleapis.com
2	a.ladipage.com	w.ladicdn.com
2	ads000059571.go.scalef.net	1 redirects
1	img.youtube.com	xmarvel.clix9.com
1	service-api.accesstrade.vn	xmarvel.clix9.com
1	fonts.googleapis.com	xmarvel.clix9.com
1	xmarvel.clix9.com
1	i1-cdn.scalef.net	ads000059571.go.scalef.net
1	bit.ly	1 redirects
27	10

This site contains no links.

Subject Issuer	Validity	Valid
*.go.scalef.net Amazon	`2021-01-27` - `2022-02-25`	a year	crt.sh
*.scalef.net Amazon	`2021-09-28` - `2022-10-26`	a year	crt.sh
xmarvel.clix9.com R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
ladicdn.com Cloudflare Inc ECC CA-3	`2021-06-12` - `2022-06-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.accesstrade.vn RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-04-12` - `2022-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
a.ladipage.com Amazon	`2021-07-17` - `2022-08-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Frame ID: 27BDAA03796D767E502288E6B84D8689
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

X-Marvel - Viên ngậm sinh lý đến từ Mỹ

Page URL History Show full URLs

https://bit.ly/Vien-Ngam-Sinh-Ly-X-Marvel HTTP 301
https://ads000059571.go.scalef.net/c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarve... Page URL
https://ads000059571.go.scalef.net/c/v2/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarve... HTTP 302
https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

4122 kB
Transfer

4500 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/Vien-Ngam-Sinh-Ly-X-Marvel HTTP 301
https://ads000059571.go.scalef.net/c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com Page URL
https://ads000059571.go.scalef.net/c/v2/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com HTTP 302
https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/Vien-Ngam-Sinh-Ly-X-Marvel HTTP 301
https://ads000059571.go.scalef.net/c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ads000059571.go.scalef.net/c/v3/CON000420349/
Redirect Chain

https://bit.ly/Vien-Ngam-Sinh-Ly-X-Marvel
https://ads000059571.go.scalef.net/c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com

3 KB
3 KB

586ms
181ms

Document
text/html

13.251.179.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads000059571.go.scalef.net/c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.179.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-179-142.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8b4b4061f4c7a71d9c748bf7ad615ee5dbf59dc70642d1f92070d0b0ecdd0a81

Request headers

:method: GET
:authority: ads000059571.go.scalef.net
:scheme: https
:path: /c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 30 Sep 2021 07:59:13 GMT
content-type: text/html;charset=UTF-8
content-language: de-DE

Redirect headers

server: nginx
date: Thu, 30 Sep 2021 07:59:13 GMT
content-type: text/html; charset=utf-8
content-length: 217
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://ads000059571.go.scalef.net/c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com
referrer-policy: unsafe-url
set-cookie: _bit=l8u7Xd-51e20e93cdc593f268-00m; Domain=bit.ly; Expires=Tue, 29 Mar 2022 07:59:13 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 1597128589_xmarvelpng
i1-cdn.scalef.net/images/campaigns/logo/ 83 KB
83 KB 823ms
721ms Image
image/png 2600:9000:2182:d000:0:e30c:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1-cdn.scalef.net/images/campaigns/logo/1597128589_xmarvelpng
Requested by: Host: ads000059571.go.scalef.net
URL: https://ads000059571.go.scalef.net/c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:d000:0:e30c:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34d9f019c36d6ab595944b3dab60531e4bf3bd6a18d2824742e7f8f3d5e09120

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads000059571.go.scalef.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:15 GMT
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
last-modified: Tue, 11 Aug 2020 06:49:50 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "704ef6876c9bf0934334e88f87f80f1f"
x-cache: Miss from cloudfront
content-type: text/plain
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 84811
x-amz-cf-id: 8SQ2wkg1cL8S7yg51Ji7NqtClC7cT-VYYBWrkDjwK1uLEBv68PNfdg==

GET
H2

200

Primary Request / Show response
xmarvel.clix9.com/
Redirect Chain

https://ads000059571.go.scalef.net/c/v2/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com
https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF

185 KB
32 KB

1934ms
176ms

Document
text/html

13.250.255.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.255.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-255-10.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 102d05f583f7773d4ef1ee1e0f0b3d8799c9e85539e35b3c22727a5a0056df8b

Request headers

:method: GET
:authority: xmarvel.clix9.com
:scheme: https
:path: /?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://ads000059571.go.scalef.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads000059571.go.scalef.net/c/v3/CON000420349/?source=deeplink_generator&network_id=1&url=https://xmarvel.clix9.com

Response headers

server: openresty
date: Thu, 30 Sep 2021 07:59:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie: LADI_CLIENT_ID=d5713ce1-3c7a-4fb8-4e6d-9e4647d40c85; Expires=Sun, 28 Sep 2031 07:59:16 GMT LADI_PAGE_VIEW=0; Expires=Sun, 28 Sep 2031 07:59:16 GMT LADI_FORM_SUBMIT=0; Expires=Sun, 28 Sep 2031 07:59:16 GMT LADI_PAGE_VIEW=1; Expires=Sun, 28 Sep 2031 07:59:16 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_CAMP_END_DATE=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode: 200
content-encoding: gzip

Redirect headers

date: Thu, 30 Sep 2021 07:59:14 GMT
content-length: 0
location: https://xmarvel.clix9.com?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
set-cookie: at_finger_print=70e550b064d35911f95aaa49ab0c9723; Max-Age=63072000; Expires=Sat, 30-Sep-2023 07:59:14 GMT; Path=/
content-language: de-DE

GET
H2 200 css
fonts.googleapis.com/ 10 KB
2 KB 71ms
28ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto%20Slab:bold,regular&display=swap

Requested by

Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b40225349f27e3e5a19ce6d8d39820a981f6690447a33d8b0b8a9680f84c034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 07:59:17 GMT
server: ESF
date: Thu, 30 Sep 2021 07:59:17 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 30 Sep 2021 07:59:17 GMT

GET
H2 200 ladipage.min.js Show response
w.ladicdn.com/v2/source/ 204 KB
50 KB 137ms
51ms Script
text/javascript 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1596788733763
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea0a4b20f1d4e11d41b0423c24a59a3f11188b7283e1efee4d2edc749c77706

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13824005
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be93419885b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 ladi-icons.svg
w.ladicdn.com/v2/source/ 800 B
462 B 27ms
26ms Image
image/svg+xml 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/v2/source/ladi-icons.svg
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16522817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9347a3e5b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ 31 KB
31 KB 58ms
17ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto%20Slab:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xmarvel.clix9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 20:22:10 GMT
x-content-type-options: nosniff
age: 41827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31404
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 20:22:10 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 87ms
45ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto%20Slab:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xmarvel.clix9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 572086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 23 Sep 2022 17:04:31 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v16/ 32 KB
32 KB 94ms
53ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto%20Slab:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xmarvel.clix9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 18:41:13 GMT
x-content-type-options: nosniff
age: 566284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32876
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 23 Sep 2022 18:41:13 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v16/ 19 KB
19 KB 55ms
37ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto%20Slab:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cda92988f0d5d1528552e91f81f6e825572fe78f8294a79c4d1f67a57fe605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xmarvel.clix9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:21:40 GMT
x-content-type-options: nosniff
age: 578257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19008
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:20:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 23 Sep 2022 15:21:40 GMT

GET
H2 200 ladipage.min.css
w.ladicdn.com/v2/source/ 65 KB
7 KB 28ms
28ms Stylesheet
text/css 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.css?v=1596788733763
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13824003
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be934aa8a5b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 d2c.js Show response
service-api.accesstrade.vn/js/v2/ 15 KB
4 KB 578ms
175ms Script
application/x-javascript 54.169.198.168

General

Check archive.org

Show headers Download Go to

Full URL: https://service-api.accesstrade.vn/js/v2/d2c.js
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.198.168 -, , ASN (),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 64617037040aa2a42e350b01e3b753ac94f13ed34bab0693510f0a109b13c9d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
content-encoding: gzip
last-modified: Sat, 28 Aug 2021 15:32:19 GMT
server: LiteSpeed
etag: "3ba4-612a5703-45bfc;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3671
expires: Thu, 07 Oct 2021 07:59:17 GMT

GET
H2 200 b5.png
w.ladicdn.com/v2/source/masks/ 2 KB
3 KB 239ms
205ms Image
image/webp 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/v2/source/masks/b5.png
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16ec76c8127246b0c64a8a6acf688667609e93c257f202b1b8e0bf840e16c32

Request headers

Referer: https://xmarvel.clix9.com/
Origin: https://xmarvel.clix9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=5594
content-disposition: inline; filename="b5.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be934ede64dd0-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 sec-1-back3-20200330193317.jpg
w.ladicdn.com/s1440x743/5d6352737a8c014966c91488/ 35 KB
35 KB 46ms
45ms Image
image/jpeg 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1440x743/5d6352737a8c014966c91488/sec-1-back3-20200330193317.jpg
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b0842a42e4cba38a978ff09d29986d56e8ebad6739075355d706e84e65e1f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 128383
cf-polished: origSize=37843, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b415b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 sec-2-20200326140037.png
w.ladicdn.com/s900x600/58d260c64e9b40c75627eaa8/ 444 KB
445 KB 45ms
44ms Image
image/webp 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s900x600/58d260c64e9b40c75627eaa8/sec-2-20200326140037.png
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55d95b7ef83894ed270964adb839ff4e9d5e4e4642cae0d694d8565d80f1995c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept
cf-cache-status: HIT
age: 128382
cf-polished: origFmt=png, origSize=913433
content-disposition: inline; filename="sec-2-20200326140037.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b435b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 source-20200326141802.gif
w.ladicdn.com/58d260c64e9b40c75627eaa8/ 2 MB
2 MB 226ms
226ms Image
image/webp 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/58d260c64e9b40c75627eaa8/source-20200326141802.gif
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b80fa5362b0615930403ffa3334148056f7dcc12a112ae013be795d4a57d0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=gif, origSize=2076897
content-disposition: inline; filename="source-20200326141802.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b455b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 f9msjfwj20200326143802.jpg
w.ladicdn.com/s1000x800/58d260c64e9b40c75627eaa8/ 46 KB
46 KB 27ms
27ms Image
image/jpeg 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1000x800/58d260c64e9b40c75627eaa8/f9msjfwj20200326143802.jpg
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a32ee1b078678a73706a1531f4d1e5ad91a34a592cb5a59581e23b1ef16ac112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 128383
cf-polished: origSize=50109, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b475b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 than-duoc-td-cho-phai-manh-text-20200330100437-20200708081649.png
w.ladicdn.com/s850x400/5984502d80f158a109332cc6/ 6 KB
6 KB 26ms
25ms Image
image/webp 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s850x400/5984502d80f158a109332cc6/than-duoc-td-cho-phai-manh-text-20200330100437-20200708081649.png
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f04dbcc15af90e9318ef35263ee5b2dd87c9181a8d35e3609cfe26efaba1bd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept
cf-cache-status: HIT
age: 128383
cf-polished: origFmt=png, origSize=5937
content-disposition: inline; filename="than-duoc-td-cho-phai-manh-text-20200330100437-20200708081649.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b485b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
DATA 200
OK truncated
/ 296 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45ea87904d9c949abbae15b7176b850424d2e19531ef4ad6b914e8b2121c6838

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 xm-hop-20200330185010.png
w.ladicdn.com/s850x700/5d6352737a8c014966c91488/ 508 KB
508 KB 227ms
227ms Image
image/webp 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s850x700/5d6352737a8c014966c91488/xm-hop-20200330185010.png
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0dbbac526dbfe63a125b327036f9836158f2de3d21374cbe122e2153fe82c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=993268
content-disposition: inline; filename="xm-hop-20200330185010.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b4a5b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 untitled-1-20200325195923.png
w.ladicdn.com/s450x450/58d260c64e9b40c75627eaa8/ 57 KB
57 KB 100ms
100ms Image
image/webp 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s450x450/58d260c64e9b40c75627eaa8/untitled-1-20200325195923.png
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bf625b1f5a8dd5156a6ab7f8a951937f621835a73016e7b28726b4c75323fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept
cf-cache-status: HIT
age: 128383
cf-polished: origFmt=png, origSize=84463
content-disposition: inline; filename="untitled-1-20200325195923.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b4e5b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 104015455_256973725594439_1581358987456383570_n-20200611033613.png
w.ladicdn.com/s1250x950/5dca5fa4668cf57be5d63563/ 424 KB
425 KB 231ms
230ms Image
image/webp 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1250x950/5dca5fa4668cf57be5d63563/104015455_256973725594439_1581358987456383570_n-20200611033613.png
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6cdc82130d6d7e8c2ec1435a9ddfe9a7032615e2fd4b8decb4bf21e063c1ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=822515
content-disposition: inline; filename="104015455_256973725594439_1581358987456383570_n-20200611033613.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b4f5b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 404 hqdefault.jpg
img.youtube.com/vi/-wiv88mdazk/ 1 KB
1 KB 208ms
102ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/-wiv88mdazk/hqdefault.jpg

Requested by

Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Thu, 30 Sep 2021 07:59:47 GMT

GET
H2 200 screenshot-at-jun-04-9-15-24-am-20200604021553.png
w.ladicdn.com/s800x650/5dca5fa4668cf57be5d63563/ 599 KB
600 KB 86ms
86ms Image
image/webp 2606:4700::6812:c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s800x650/5dca5fa4668cf57be5d63563/screenshot-at-jun-04-9-15-24-am-20200604021553.png
Requested by: Host: xmarvel.clix9.com
URL: https://xmarvel.clix9.com/?click_id=f10b519436d44fbc9047a3f77c8a4838&aff_network=SF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e23959cc2890bd34ce33c5417df11142de4f5f7006f740a66e5ca31862e3fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xmarvel.clix9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:59:17 GMT
vary: Accept
cf-cache-status: HIT
age: 128382
cf-polished: origFmt=png, origSize=1410499
content-disposition: inline; filename="screenshot-at-jun-04-9-15-24-am-20200604021553.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: imgq:100,h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 696be9351b515b86-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires: Fri, 30 Sep 2022 07:59:17 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ 14 KB
14 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto%20Slab:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73991718fdbe348bf3c5aef1641878ac819f6217e026a66cfe87cd6b9777e974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xmarvel.clix9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:25:52 GMT
x-content-type-options: nosniff
age: 117205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Sep 2022 23:25:52 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v16/ 8 KB
9 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Roboto%20Slab:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0ca24f92143f2939ea29c6943244a6fd5a5eb9c7b0a0b31d79e425cfdeb206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xmarvel.clix9.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 22:02:21 GMT
x-content-type-options: nosniff
age: 554216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8612
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:15:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 23 Sep 2022 22:02:21 GMT

OPTIONS
H2 200 event
a.ladipage.com/ 0
0 777ms
175ms Preflight
application/json 52.76.58.45

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Server

52.76.58.45 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin: https://xmarvel.clix9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 30 Sep 2021 07:59:18 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
vary: Accept-Encoding
content-encoding: gzip

POST
H2 200 event Show response
a.ladipage.com/ 34 B
560 B 207ms
207ms XHR
text/plain 52.76.58.45

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1596788733763

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.76.58.45 -, , ASN (),

Reverse DNS

Software

Resource Hash

287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: d5713ce1-3c7a-4fb8-4e6d-9e4647d40c85
LADI_PAGE_VIEW_DAILY: 0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY: 0
LADI_CAMP_ID
Accept-Language: de-DE,de;q=0.9
LADI_CAMP_FORM_SUBMIT: 0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY: 0
LADI_CAMP_PAGE_VIEW_DAILY: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
LADI_FORM_SUBMIT: 0
LADI_CAMP_NAME
Content-Type: application/json
Referer: https://xmarvel.clix9.com/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
LADI_PAGE_VIEW: 1

Response headers

date: Thu, 30 Sep 2021 07:59:18 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 01:55:40	Name: _bit Value: l8u7Xd-51e20e93cdc593f268-00m
ads000059571.go.scalef.net/	1970-01-20 15:07:40	Name: at_finger_print Value: 70e550b064d35911f95aaa49ab0c9723
xmarvel.clix9.com/	1970-01-23 13:12:28	Name: LADI_CLIENT_ID Value: d5713ce1-3c7a-4fb8-4e6d-9e4647d40c85
xmarvel.clix9.com/	1970-01-23 13:12:28	Name: LADI_FORM_SUBMIT Value: 0
xmarvel.clix9.com/	1970-01-23 13:12:28	Name: LADI_PAGE_VIEW Value: 1
xmarvel.clix9.com/	1969-12-31 23:59:59	Name: _timenow Value: 1632988757357

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img.youtube.com/vi/-wiv88mdazk/hqdefault.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
ads000059571.go.scalef.net
bit.ly
fonts.googleapis.com
fonts.gstatic.com
i1-cdn.scalef.net
img.youtube.com
service-api.accesstrade.vn
w.ladicdn.com
xmarvel.clix9.com
13.250.255.10
13.251.179.142
2600:9000:2182:d000:0:e30c:c340:93a1
2606:4700::6812:c44
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:811::200a
52.76.58.45
54.169.198.168
67.199.248.10
02b80fa5362b0615930403ffa3334148056f7dcc12a112ae013be795d4a57d0b
0ea0a4b20f1d4e11d41b0423c24a59a3f11188b7283e1efee4d2edc749c77706
102d05f583f7773d4ef1ee1e0f0b3d8799c9e85539e35b3c22727a5a0056df8b
1b40225349f27e3e5a19ce6d8d39820a981f6690447a33d8b0b8a9680f84c034
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
21cda92988f0d5d1528552e91f81f6e825572fe78f8294a79c4d1f67a57fe605
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045
2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46
34d9f019c36d6ab595944b3dab60531e4bf3bd6a18d2824742e7f8f3d5e09120
45ea87904d9c949abbae15b7176b850424d2e19531ef4ad6b914e8b2121c6838
46e23959cc2890bd34ce33c5417df11142de4f5f7006f740a66e5ca31862e3fe
4e6cdc82130d6d7e8c2ec1435a9ddfe9a7032615e2fd4b8decb4bf21e063c1ad
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
55d95b7ef83894ed270964adb839ff4e9d5e4e4642cae0d694d8565d80f1995c
63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4
64617037040aa2a42e350b01e3b753ac94f13ed34bab0693510f0a109b13c9d6
73991718fdbe348bf3c5aef1641878ac819f6217e026a66cfe87cd6b9777e974
8b0842a42e4cba38a978ff09d29986d56e8ebad6739075355d706e84e65e1f1f
8b4b4061f4c7a71d9c748bf7ad615ee5dbf59dc70642d1f92070d0b0ecdd0a81
8f04dbcc15af90e9318ef35263ee5b2dd87c9181a8d35e3609cfe26efaba1bd4
a32ee1b078678a73706a1531f4d1e5ad91a34a592cb5a59581e23b1ef16ac112
b16ec76c8127246b0c64a8a6acf688667609e93c257f202b1b8e0bf840e16c32
b5bf625b1f5a8dd5156a6ab7f8a951937f621835a73016e7b28726b4c75323fb
cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f
da0dbbac526dbfe63a125b327036f9836158f2de3d21374cbe122e2153fe82c9
ee0ca24f92143f2939ea29c6943244a6fd5a5eb9c7b0a0b31d79e425cfdeb206

xmarvel.clix9.com Open in urlscan Pro 13.250.255.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

50 %IPv6

9 Domains

10 Subdomains

10 IPs

3 Countries

4122 kBTransfer

4500 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xmarvel.clix9.com Open in urlscan Pro
13.250.255.10 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

4122 kB
Transfer

4500 kB
Size

6
Cookies

27 HTTP transactions
1 data transactions