urlscan.io logo urlscan.io
SecurityTrails logo

google4.gastosic.vn Open in urlscan Pro
13.250.192.238  Public Scan

Go To Rescan Add Verdict Report
URL: https://google4.gastosic.vn/
Submission Tags: @phishunt_io
Submission: On October 07 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 7 countries across 20 domains to perform 83 HTTP transactions. The main IP is 13.250.192.238, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is google4.gastosic.vn.
TLS certificate: Issued by R3 on October 5th 2021. Valid for: 3 months.
This is the only time google4.gastosic.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13.250.192.238 16509 (AMAZON-02)
2 142.250.74.202 15169 (GOOGLE)
7 104.18.13.68 13335 (CLOUDFLAR...)
2 2 18.138.119.12 16509 (AMAZON-02)
6 142.250.185.200 15169 (GOOGLE)
1 143.204.98.82 16509 (AMAZON-02)
2 111.65.249.130 45894 (FPTONLINE...)
9 142.250.186.99 15169 (GOOGLE)
4 185.60.216.19 32934 (FACEBOOK)
2 142.250.185.66 15169 (GOOGLE)
3 142.250.185.78 15169 (GOOGLE)
6 15 93.158.134.119 13238 (YANDEX)
1 172.67.214.132 13335 (CLOUDFLAR...)
1 143.204.98.45 16509 (AMAZON-02)
1 172.217.16.142 15169 (GOOGLE)
2 142.250.13.157 15169 (GOOGLE)
4 142.250.185.162 15169 (GOOGLE)
1 103.28.37.235 131353 (NHANHOA-A...)
4 13.229.25.46 16509 (AMAZON-02)
6 185.60.216.35 32934 (FACEBOOK)
5 142.250.184.196 15169 (GOOGLE)
1 143.204.98.32 16509 (AMAZON-02)
1 52.210.84.221 16509 (AMAZON-02)
2 8 143.204.98.129 16509 (AMAZON-02)
1 54.73.110.124 16509 (AMAZON-02)
1 180.148.141.243 ()
1 180.148.141.239 45894 (FPTONLINE...)
83 26
2    13.250.192.238 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-192-238.ap-southeast-1.compute.amazonaws.com
google4.gastosic.vn
www.gastosic.org
2    142.250.74.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net
fonts.googleapis.com
7    104.18.13.68 (None, )

ASN13335 (CLOUDFLARENET, US)
w.ladicdn.com
2    18.138.119.12 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-119-12.ap-southeast-1.compute.amazonaws.com
static.ladipage.net
6    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
1    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
static.hotjar.com
2    111.65.249.130 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
s.eclick.vn
9    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
4    185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
3    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
15    93.158.134.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
1    172.67.214.132 (United States)

ASN13335 (CLOUDFLARENET, US)
static.mepuzz.com
1    143.204.98.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-45.fra50.r.cloudfront.net
script.hotjar.com
1    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net
analytics.google.com
2    142.250.13.157 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f157.1e100.net
stats.g.doubleclick.net
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads.g.doubleclick.net
1    103.28.37.235 (Viet Nam)

ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN)
mepuzz.com
4    13.229.25.46 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-25-46.ap-southeast-1.compute.amazonaws.com
a.ladipage.com
6    185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
5    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
1    143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net
vars.hotjar.com
1    52.210.84.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-84-221.eu-west-1.compute.amazonaws.com
in.hotjar.com
8    143.204.98.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-129.fra50.r.cloudfront.net
s.adroll.com
1    54.73.110.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-110-124.eu-west-1.compute.amazonaws.com
d.adroll.com
1    180.148.141.243 (None, )

ASN- ()
r.eclick.vn
1    180.148.141.239 (Viet Nam)

ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN)
t.eclick.vn
Domain Requested by
13 mc.yandex.com 5 redirects google4.gastosic.vn
mc.yandex.ru
9 fonts.gstatic.com fonts.googleapis.com
8 s.adroll.com 2 redirects google4.gastosic.vn
s.adroll.com
7 w.ladicdn.com google4.gastosic.vn
www.gastosic.org
6 www.facebook.com google4.gastosic.vn
6 www.googletagmanager.com google4.gastosic.vn
www.googletagmanager.com
www.gastosic.org
5 www.google.com google4.gastosic.vn
www.gastosic.org
4 a.ladipage.com w.ladicdn.com
4 googleads.g.doubleclick.net www.googleadservices.com
4 connect.facebook.net google4.gastosic.vn
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects google4.gastosic.vn
2 www.googleadservices.com www.googletagmanager.com
2 s.eclick.vn google4.gastosic.vn
s.eclick.vn
2 static.ladipage.net 2 redirects
2 fonts.googleapis.com google4.gastosic.vn
www.gastosic.org
1 t.eclick.vn s.eclick.vn
1 r.eclick.vn
1 d.adroll.com s.adroll.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 mepuzz.com static.mepuzz.com
1 analytics.google.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 www.gastosic.org www.googletagmanager.com
1 static.mepuzz.com google4.gastosic.vn
1 static.hotjar.com google4.gastosic.vn
1 google4.gastosic.vn
83 29

This site contains links to these domains. Also see Links.

Domain
gastosic.vn
Subject Issuer Validity Valid
google4.gastosic.vn
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
ladicdn.com
Cloudflare Inc ECC CA-3		 2021-06-12 -
2022-06-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.eclick.vn
GlobalSign GCC R3 DV TLS CA 2020		 2021-01-21 -
2022-02-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.mepuzz.com
R3		 2021-09-06 -
2021-12-05		 3 months crt.sh
www.gastosic.org
R3		 2021-09-24 -
2021-12-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
a.ladipage.com
Amazon		 2021-07-17 -
2022-08-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
s.adroll.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh

This page contains 4 frames:

Primary Page: https://google4.gastosic.vn/
Frame ID: 19153B24511EF2BAC0D2AAABC32F4510
Requests: 55 HTTP requests in this frame

Frame: https://www.gastosic.org/
Frame ID: B8AFF2819D9002B72805C9F3B1778DCE
Requests: 23 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: E3BA467FA6A124D23FB5636C87D0B139
Requests: 1 HTTP requests in this frame

Frame: https://s.eclick.vn/delivery/lookup.html
Frame ID: 8327F06BA77E3C1BAAA893942B67D9F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gastosic - Trào ngược dạ dày thực quản

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

83
Requests

100 %
HTTPS

0 %
IPv6

20
Domains

29
Subdomains

26
IPs

7
Countries

1581 kB
Transfer

4639 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://static.ladipage.net/5bd91795f9f4421606015c6f/shopping-cart-1561954044.png HTTP 301
  • https://w.ladicdn.com/5bd91795f9f4421606015c6f/shopping-cart-1561954044.png
Request Chain 3
  • https://static.ladipage.net/5bd91795f9f4421606015c6f/map-icon-1563239914.png HTTP 301
  • https://w.ladicdn.com/5bd91795f9f4421606015c6f/map-icon-1563239914.png
Request Chain 31
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9419.4jfexlo1AOjuHWePZMqJyUV7jJps0Fd27fmtILnp3W4OD4PPtodFrKhDqofq6s9f.0SoMaGzVUca5pmE3hxSBN_iR0E0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9419.RzAoNpnP-1q6I44h1hAnu0Gn-ivSF76co2sDRNiC1B2gDFF3pf7WCBipamPn-FIaIMGfmaf3zgn_asEZ_lRiJw%2C%2C.OpqXll9uzV7OxesRnE_N0BKkgOI%2C
Request Chain 39
  • https://mc.yandex.com/watch/67575184?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A688293613086%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A826037475%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n HTTP 302
  • https://mc.yandex.com/watch/67575184/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A688293613086%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A826037475%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
Request Chain 40
  • https://mc.yandex.com/watch/66105448?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A0%3Als%3A1246948800321%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A348509993%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n HTTP 302
  • https://mc.yandex.com/watch/66105448/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A0%3Als%3A1246948800321%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A348509993%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
Request Chain 41
  • https://mc.yandex.com/watch/71440525?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A4%3Adp%3A0%3Als%3A1115543709948%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A685269796%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n HTTP 302
  • https://mc.yandex.com/watch/71440525/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A4%3Adp%3A0%3Als%3A1115543709948%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A685269796%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
Request Chain 42
  • https://mc.yandex.com/watch/56221081?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A127434085365%3Ahid%3A736475231%3Az%3A0%3Ai%3A202101007113409%3Aet%3A1633606450%3Ac%3A1%3Arn%3A1026259236%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n HTTP 302
  • https://mc.yandex.com/watch/56221081/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A127434085365%3Ahid%3A736475231%3Az%3A0%3Ai%3A202101007113409%3Aet%3A1633606450%3Ac%3A1%3Arn%3A1026259236%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
Request Chain 72
  • https://s.adroll.com/j/exp/FB3XEQVCXNG2HE7QASGNEK/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 73
  • https://s.adroll.com/j/pre/FB3XEQVCXNG2HE7QASGNEK/WLLCOSAJXVDBLHXIO3TM3U/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
google4.gastosic.vn/ 		38 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.192.238 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-238.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
459b6b9c6f729f3ade059e8cd436e10a7521552869fece60b52f60904d9a2010

Request headers

:method
GET
:authority
google4.gastosic.vn
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty
date
Thu, 07 Oct 2021 11:34:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie
LADI_CLIENT_ID=73a13cac-eab0-49b8-4783-f1d52032f90e; Expires=Sun, 05 Oct 2031 11:34:09 GMT LADI_PAGE_VIEW=0; Expires=Sun, 05 Oct 2031 11:34:09 GMT LADI_FORM_SUBMIT=0; Expires=Sun, 05 Oct 2031 11:34:09 GMT LADI_PAGE_VIEW=1; Expires=Sun, 05 Oct 2031 11:34:09 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_CAMP_END_DATE=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode
200
content-encoding
gzip
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
ESF /
Resource Hash
24d38ffafe555e5e99d87f14a1af8b17f927ae22a16cc632a3efe457fe52d749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 11:34:09 GMT
server
ESF
date
Thu, 07 Oct 2021 11:34:09 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 11:34:09 GMT
ladipage.min.js
w.ladicdn.com/v2/source/ 		290 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.js?v=1571977901832
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c73245c4aa09dca7f7520db3a44e9f8c7fc530e30d8c21f618d4db2a0276ae5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
373908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
69a6d1965aec42e1-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 07 Oct 2022 11:34:09 GMT
shopping-cart-1561954044.png
w.ladicdn.com/5bd91795f9f4421606015c6f/
Redirect Chain
  • https://static.ladipage.net/5bd91795f9f4421606015c6f/shopping-cart-1561954044.png
  • https://w.ladicdn.com/5bd91795f9f4421606015c6f/shopping-cart-1561954044.png
268 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/5bd91795f9f4421606015c6f/shopping-cart-1561954044.png
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.13.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bd39fcbd000c5fcbf145e50fc2657b43041731cfefda6d48f58bafc1939fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
vary
Accept
cf-cache-status
HIT
age
296940
cf-polished
origFmt=png, origSize=15787
content-disposition
inline; filename="shopping-cart-1561954044.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
69a6d19968356977-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 07 Oct 2022 11:34:10 GMT

Redirect headers

location
https://w.ladicdn.com:443/5bd91795f9f4421606015c6f/shopping-cart-1561954044.png
date
Thu, 07 Oct 2021 11:34:10 GMT
server
awselb/2.0
content-length
134
content-type
text/html
map-icon-1563239914.png
w.ladicdn.com/5bd91795f9f4421606015c6f/
Redirect Chain
  • https://static.ladipage.net/5bd91795f9f4421606015c6f/map-icon-1563239914.png
  • https://w.ladicdn.com/5bd91795f9f4421606015c6f/map-icon-1563239914.png
288 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/5bd91795f9f4421606015c6f/map-icon-1563239914.png
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.13.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1593ae0e0728bdbd4d54f671d331c82826e8679779e1736faddc9887bafb73a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
vary
Accept
cf-cache-status
HIT
age
296940
cf-polished
origFmt=png, origSize=15844
content-disposition
inline; filename="map-icon-1563239914.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
69a6d199683b6977-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 07 Oct 2022 11:34:10 GMT

Redirect headers

location
https://w.ladicdn.com:443/5bd91795f9f4421606015c6f/map-icon-1563239914.png
date
Thu, 07 Oct 2021 11:34:10 GMT
server
awselb/2.0
content-length
134
content-type
text/html
gtm.js
www.googletagmanager.com/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WLWLDKP
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ab920ef71c89c20ebd0a5b07a4e50b85ea64b8c21ee3fe0f1c0be6485a6097ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56704
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Oct 2021 11:34:09 GMT
hotjar-1495146.js
static.hotjar.com/c/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1495146.js?sv=6
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
e2fade725582d4a23fe9249cfbe9b3d173debe172404cfa14c30fd84ef861557
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-edge-origin-shield-skipped
0
etag
W/af4190ee113eefa16491bc6d7c09fb33
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
NdrU6KgoOoPimvLsZu4YkmtZsMO5cpUMflVOnIqGkbxPvY6iNpCwNg==
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
retargeting.js
s.eclick.vn/delivery/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/retargeting.js
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_36 /
Resource Hash
e118798f9ada5898662edba96878ac240467a570a162ca41f27f6916436a0ed3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2016 09:42:51 GMT
server
FPT-static_eclick_141_36
etag
W/"5809e31b-11ab"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
expires
Fri, 08 Oct 2021 11:34:10 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://google4.gastosic.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:03:52 GMT
x-content-type-options
nosniff
age
585017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:03:52 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://google4.gastosic.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 03:57:43 GMT
x-content-type-options
nosniff
age
113786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31404
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 03:57:43 GMT
js
www.googletagmanager.com/gtag/ 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BE5WC97200&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLWLDKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3503aa63f0fce792f5876c4fe3d57eecfb7115b7bc2f9f7fc50fc400ca85f5fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61407
x-xss-protection
0
expires
Thu, 07 Oct 2021 11:34:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25967
x-xss-protection
0
pragma
public
x-fb-debug
vWaWWeIunaZjBk/JhHhkW5dtKWMS5cZpKueL4T1fldjxpWNgRUNPPxprzZXx8Vhm2oqvtQ62kCVBbxklXvcHUw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 07 Oct 2021 11:34:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLWLDKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14399
x-xss-protection
0
server
cafe
etag
3154747477907843336
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Oct 2021 11:34:09 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLWLDKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2832
date
Thu, 07 Oct 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 07 Oct 2021 12:46:57 GMT
tag.js
mc.yandex.ru/metrika/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
br
last-modified
Wed, 06 Oct 2021 08:41:01 GMT
etag
"615d36ed-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Thu, 07 Oct 2021 12:34:09 GMT
MePuzzSDK.min.js
static.mepuzz.com/sdk/v2/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.mepuzz.com/sdk/v2/MePuzzSDK.min.js
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f02198662778288db6c8d73623fd7ecf1d43dfcc4a47463a5444839b36060a96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8889
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 25 Sep 2021 07:50:12 GMT
server
cloudflare
etag
W/"614ed4b4-7015"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpxWfAxNma5HAupWFIr9Sjk3JVtQRmRoYC3HNnl%2BXloqrXHyy6uvIB0aZKyi7bHezF4TSXEE7Uom6BGPgmFMqIx6Gl4jN0G9odKI2uGv13x5fC8%2B9YcWDZT1WHzqAaTjWSxpfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
cf-ray
69a6d1972c31f9ce-PRG
expires
Thu, 07 Oct 2021 21:05:59 GMT
/
www.gastosic.org/ Frame B8AF 		158 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gastosic.org/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLWLDKP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.192.238 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-192-238.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
b4d18d52d6bfb11689a4b4300851a3f9e46137b73dd6fae96387b95613f93a18

Request headers

:method
GET
:authority
www.gastosic.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google4.gastosic.vn/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/

Response headers

server
openresty
date
Thu, 07 Oct 2021 11:34:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie
LADI_CLIENT_ID=0e47d4c3-4adc-4503-5de6-dda8e1547780; Expires=Sun, 05 Oct 2031 11:34:10 GMT LADI_PAGE_VIEW=0; Expires=Sun, 05 Oct 2031 11:34:10 GMT LADI_FORM_SUBMIT=0; Expires=Sun, 05 Oct 2031 11:34:10 GMT LADI_PAGE_VIEW=1; Expires=Sun, 05 Oct 2031 11:34:10 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_CAMP_END_DATE=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode
200
content-encoding
gzip
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
73991718fdbe348bf3c5aef1641878ac819f6217e026a66cfe87cd6b9777e974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://google4.gastosic.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:13:32 GMT
x-content-type-options
nosniff
age
177637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14016
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:12 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Oct 2022 10:13:32 GMT
modules.e95f6e2deb67f1b24d8e.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1495146.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-45.fra50.r.cloudfront.net
Software
/
Resource Hash
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
788824
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
59787
access-control-allow-origin
*
last-modified
Tue, 28 Sep 2021 08:26:22 GMT
etag
"4c2c45df8457d0c2a07b3285a23cd7a4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Zss5i2iBbpOSo9Sdk0UTdWEH7hHmi73XSR3ADMkkoYsu7zNQOFc-Eg==
751370412416245
connect.facebook.net/signals/config/ 		489 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/751370412416245?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
4ce048b9043893d82cbab677d7fd3a170e7b622984693fc01b581a7ef04731bd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
6FmZ/PD6462Flku4RkWPuB0fSoGoZOAXasYFdnjJsI1fISNd8ZDeTzPGm3vi2+N+Zt0i7PsmT80PZhx+E9HJIg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 07 Oct 2021 11:34:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ladipage.min.css
w.ladicdn.com/v2/source/ 		65 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1571977901832
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.13.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556bd4284a74e9582386fdcde56f404e9d15700809f0364dedc45a4ec2b79d0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
589678
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
69a6d1972a796977-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 07 Oct 2022 11:34:09 GMT
74443925_924783944561219_1147605937117200384_n-20191021090147.png
w.ladicdn.com/s500x400/5bd91795f9f4421606015c6f/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s500x400/5bd91795f9f4421606015c6f/74443925_924783944561219_1147605937117200384_n-20191021090147.png
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.13.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3536af195e7b636c52bedf7cbf2eb65af0d81791d745c1494059032a70f6b0e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
vary
Accept
cf-cache-status
HIT
age
296939
cf-polished
origFmt=png, origSize=199215
content-disposition
inline; filename="74443925_924783944561219_1147605937117200384_n-20191021090147.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
69a6d1972a776977-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 07 Oct 2022 11:34:09 GMT
collect
analytics.google.com/g/ 		0
361 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-BE5WC97200&gtm=2oea40&_p=2062635308&sr=1600x1200&_gaz=1&ul=en-us&cid=415887638.1633606450&_s=1&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&dt=Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n&sid=1633606449&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BE5WC97200&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://google4.gastosic.vn/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://google4.gastosic.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
370 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BE5WC97200&cid=415887638.1633606450&gtm=2oea40&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BE5WC97200&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://google4.gastosic.vn/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://google4.gastosic.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/846302446/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846302446/?random=1633606449818&cv=9&fst=1633606449818&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga60&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&tiba=Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
dff19a3bc9cfcfd764b0957ae230b14620db659309074342cbf549bd777e7560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1024
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2062635308&t=pageview&_s=1&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&ul=en-us&de=UTF-8&dt=Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACAABBAAAAC~&jid=1872695762&gjid=1643255986&cid=415887638.1633606450&tid=UA-84484615-1&_gid=1509823455.1633606450&_r=1&gtm=2wga60WLWLDKP&z=1416952028
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://google4.gastosic.vn/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://google4.gastosic.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
mepuzz.com/api/wvr1pJQeq5/ 		666 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mepuzz.com/api/wvr1pJQeq5/config?mepuzzId=null
Requested by
Host: static.mepuzz.com
URL: https://static.mepuzz.com/sdk/v2/MePuzzSDK.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.28.37.235 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS
Software
nginx /
Resource Hash
c488653ad9f0705b22a672c8b9f75aad6ab7388b54115fceacabdd8430b5ab64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://google4.gastosic.vn
date
Thu, 07 Oct 2021 11:34:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
event
a.ladipage.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Server
13.229.25.46 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-25-46.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Origin
https://google4.gastosic.vn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age
2592000
vary
Accept-Encoding
content-encoding
gzip
event
a.ladipage.com/ 		34 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1571977901832
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.25.46 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-25-46.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
73a13cac-eab0-49b8-4783-f1d52032f90e
LADI_CAMP_ORIGIN_URL
LADI_CAMP_ID
Accept-Language
de-DE,de;q=0.9
LADI_CAMP_FORM_SUBMIT
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://google4.gastosic.vn/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
1
LADI_CAMP_TYPE

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-84484615-1&cid=415887638.1633606450&jid=1872695762&gjid=1643255986&_gid=1509823455.1633606450&_u=YCDACAAABAAAAC~&z=902620791
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://google4.gastosic.vn/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 07 Oct 2021 11:34:09 GMT
content-type
text/plain
access-control-allow-origin
https://google4.gastosic.vn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
439133060717033
connect.facebook.net/signals/config/ 		490 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/439133060717033?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
3d359f65fd15c436c287f7331b65260583a93ed77c067d386b8edcd39aeab95b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
B5AlYYlgxpwmF/qP9OxMRFQa3lLb9NNAAm8vE4bRhX7d88VRY2IoFlIO4FXyxRJ6Lnci46+/3TxsgwmjAf18vQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 07 Oct 2021 11:34:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=751370412416245&ev=PageView&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rl=&if=false&ts=1633606449946&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1633606449944.438220750&it=1633606449770&coo=false&exp=p0&rqm=GET
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 07 Oct 2021 11:34:09 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9419.4jfexlo1AOjuHWePZMqJyUV7jJps0Fd27fmtILnp3W4OD4PPtodFrKhDqofq6s9f.0SoMaGzVUca5pmE3hxSBN_iR0E0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9419.RzAoNpnP-1q6I44h1hAnu0Gn-ivSF76co2sDRNiC1B2gDFF3pf7WCBipamPn-FIaIMGfmaf3zgn_asEZ_lRiJw%2C%2C.OpqXll9uzV7OxesRnE_N0BKkgOI%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9419.RzAoNpnP-1q6I44h1hAnu0Gn-ivSF76co2sDRNiC1B2gDFF3pf7WCBipamPn-FIaIMGfmaf3zgn_asEZ_lRiJw%2C%2C.OpqXll9uzV7OxesRnE_N0BKkgOI%2C
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9419.RzAoNpnP-1q6I44h1hAnu0Gn-ivSF76co2sDRNiC1B2gDFF3pf7WCBipamPn-FIaIMGfmaf3zgn_asEZ_lRiJw%2C%2C.OpqXll9uzV7OxesRnE_N0BKkgOI%2C
date
Thu, 07 Oct 2021 11:34:10 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/846302446/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/846302446/?random=1633606449818&cv=9&fst=1633604400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga60&sendb=1&frm=0&url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&tiba=Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n&async=1&fmt=3&is_vtc=1&random=4143951760&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-84484615-1&cid=415887638.1633606450&jid=1872695762&_u=YCDACAAABAAAAC~&z=1543939600
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame E3BA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1495146.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google4.gastosic.vn/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
PJUDKsCTyWrLghUrHqL8yQSDfLS9zqr7hpmFVg8GsiUH2buWHLF8XA==
age
6820145
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Wed, 06 Oct 2021 08:41:01 GMT
etag
"615d36ed-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 07 Oct 2021 12:34:10 GMT
1099739797187188
connect.facebook.net/signals/config/ 		494 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1099739797187188?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
7c94e4f34e458191cc338edfe393a867d7089c32a37a237aaef6bdc4ede91497
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
K3JVGBUIHHGI7AMs3oNRgODVFVcD+lqvIStt0aYl/yh4nwsZvNYpV9qvJRr9TerBuf6Q/ZiQzx/I4Mdcre/xOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 07 Oct 2021 11:34:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=439133060717033&ev=PageView&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rl=&if=false&ts=1633606450112&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1633606449944.438220750&it=1633606449770&coo=false&exp=p0&rqm=GET
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 07 Oct 2021 11:34:10 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1495146/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1495146/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.84.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-84-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer
https://google4.gastosic.vn/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1
mc.yandex.com/watch/67575184/
Redirect Chain
  • https://mc.yandex.com/watch/67575184?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/67575184/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8...
366 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/67575184/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A688293613086%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A826037475%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e40decf64289ea7e28b665940cb7af60129b0b6ce2ca34a7b2b95039dc221c34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 07-Oct-2021 11:34:10 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
366
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:10 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Thu, 07-Oct-2021 11:34:10 GMT
location
/watch/67575184/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A688293613086%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A826037475%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
strict-transport-security
max-age=31536000
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:10 GMT
1
mc.yandex.com/watch/66105448/
Redirect Chain
  • https://mc.yandex.com/watch/66105448?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/66105448/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8...
331 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66105448/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A0%3Als%3A1246948800321%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A348509993%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
ba997997d4eb36f1fd39e954da19136080d8f173624d21486647354d8f2eeae4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 07-Oct-2021 11:34:10 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:10 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Thu, 07-Oct-2021 11:34:10 GMT
location
/watch/66105448/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A0%3Als%3A1246948800321%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A348509993%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
strict-transport-security
max-age=31536000
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:10 GMT
1
mc.yandex.com/watch/71440525/
Redirect Chain
  • https://mc.yandex.com/watch/71440525?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/71440525/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8...
331 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/71440525/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A4%3Adp%3A0%3Als%3A1115543709948%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A685269796%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
466ca45bfdb372e4f4df6d305d67eec8630a35b5445c30ece4d02bc1ed482038
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 07-Oct-2021 11:34:10 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:10 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Thu, 07-Oct-2021 11:34:10 GMT
location
/watch/71440525/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A4%3Adp%3A0%3Als%3A1115543709948%3Ahid%3A736475231%3Az%3A0%3Ai%3A2021010071134010%3Aet%3A1633606450%3Ac%3A1%3Arn%3A685269796%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
strict-transport-security
max-age=31536000
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:10 GMT
1
mc.yandex.com/watch/56221081/
Redirect Chain
  • https://mc.yandex.com/watch/56221081?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/56221081/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8...
385 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/56221081/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A127434085365%3Ahid%3A736475231%3Az%3A0%3Ai%3A202101007113409%3Aet%3A1633606450%3Ac%3A1%3Arn%3A1026259236%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
87e4b9970d2a4d0c85c7ec596534b4a5b6358983413261d58fba55d7a44a0300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 07-Oct-2021 11:34:10 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
385
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:10 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Thu, 07-Oct-2021 11:34:10 GMT
location
/watch/56221081/1?wmode=7&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A127434085365%3Ahid%3A736475231%3Az%3A0%3Ai%3A202101007113409%3Aet%3A1633606450%3Ac%3A1%3Arn%3A1026259236%3Arqn%3A1%3Au%3A1633606450342128646%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633606449012%3Ads%3A47%2C354%2C177%2C173%2C1%2C0%2C%2C297%2C2%2C%2C%2C%2C879%3Adsn%3A48%2C354%2C176%2C174%2C0%2C0%2C%2C126%2C2%2C%2C%2C%2C879%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633606450%3At%3AGastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n
strict-transport-security
max-age=31536000
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:10 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1099739797187188&ev=PageView&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rl=&if=false&ts=1633606450235&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633606449944.438220750&it=1633606449770&coo=false&exp=p0&rqm=GET
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 07 Oct 2021 11:34:10 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=751370412416245&ev=Microdata&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rl=&if=false&ts=1633606450453&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Gastosic%20-%20google4%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fgoogle4.gastosic.vn%22%2C%22og%3Atitle%22%3A%22Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.ladipage.net%2F5bd91795f9f4421606015c6f%2F11111-1561949450.jpg%22%2C%22og%3Adescription%22%3A%22Gastosic%20-%20google4%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1633606449944.438220750&it=1633606449770&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 07 Oct 2021 11:34:10 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=439133060717033&ev=Microdata&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rl=&if=false&ts=1633606450615&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Gastosic%20-%20google4%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fgoogle4.gastosic.vn%22%2C%22og%3Atitle%22%3A%22Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.ladipage.net%2F5bd91795f9f4421606015c6f%2F11111-1561949450.jpg%22%2C%22og%3Adescription%22%3A%22Gastosic%20-%20google4%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1633606449944.438220750&it=1633606449770&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 07 Oct 2021 11:34:10 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1099739797187188&ev=Microdata&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rl=&if=false&ts=1633606450739&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Gastosic%20-%20google4%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fgoogle4.gastosic.vn%22%2C%22og%3Atitle%22%3A%22Gastosic%20-%20Tr%C3%A0o%20ng%C6%B0%E1%BB%A3c%20d%E1%BA%A1%20d%C3%A0y%20th%E1%BB%B1c%20qu%E1%BA%A3n%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.ladipage.net%2F5bd91795f9f4421606015c6f%2F11111-1561949450.jpg%22%2C%22og%3Adescription%22%3A%22Gastosic%20-%20google4%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633606449944.438220750&it=1633606449770&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 07 Oct 2021 11:34:10 GMT
css
fonts.googleapis.com/ Frame B8AF 		7 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular&display=swap
Requested by
Host: www.gastosic.org
URL: https://www.gastosic.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
ESF /
Resource Hash
f239b09090e011d8f7566f39fca11b92d88eb8e05302f33148bcf27e523ada1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 11:34:11 GMT
server
ESF
date
Thu, 07 Oct 2021 11:34:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 07 Oct 2021 11:34:11 GMT
ladipage.vi.min.js
w.ladicdn.com/v2/source/ Frame B8AF 		190 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1609813577926
Requested by
Host: www.gastosic.org
URL: https://www.gastosic.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.13.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f8b525a5ac7aff876d339521572cc352c66aef82a6d39f23f8237b56ca1ee4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15547539
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
69a6d19f2ef36977-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 07 Oct 2022 11:34:11 GMT
js
www.googletagmanager.com/gtag/ Frame B8AF 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-188334455-1
Requested by
Host: www.gastosic.org
URL: https://www.gastosic.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e966e9be3a04052ebe725cb2cd4451034fee38c95d4cd6115a4dd82cbd9f2844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40077
x-xss-protection
0
expires
Thu, 07 Oct 2021 11:34:11 GMT
ladipage.min.css
w.ladicdn.com/v2/source/ Frame B8AF 		65 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1609813577926
Requested by
Host: www.gastosic.org
URL: https://www.gastosic.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.13.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd542f56448c468d96d554d8015420ef092debb0eae9ac5adca061cb129887e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15129469
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
69a6d1a00a4b6977-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 07 Oct 2022 11:34:11 GMT
gtm.js
www.googletagmanager.com/ Frame B8AF 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PNGTJ7K
Requested by
Host: www.gastosic.org
URL: https://www.gastosic.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
14b76965246c4e2cdd0cde54dfcffaf20324c539bca5aea71520de67d6ffae8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43031
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Oct 2021 11:34:11 GMT
neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v23/ Frame B8AF 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lobster/v23/neILzCirqoswsqX9zoKmMw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
c5f64eafdc8767d3c827776ba86c7a5b934ff74abced803c7196cca9d45a0204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gastosic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 18:00:02 GMT
x-content-type-options
nosniff
age
236049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33428
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 04 Oct 2022 18:00:02 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ Frame B8AF 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gastosic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:03:52 GMT
x-content-type-options
nosniff
age
585019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:03:52 GMT
neILzCirqoswsqX9zoymM5Ez.woff2
fonts.gstatic.com/s/lobster/v23/ Frame B8AF 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lobster/v23/neILzCirqoswsqX9zoymM5Ez.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
93b6be93155108a375512d5c0651ca3d0929a61d38dfc7e6b2d129ef8b424aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gastosic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 07:32:53 GMT
x-content-type-options
nosniff
age
273678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27084
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:09:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 07:32:53 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ Frame B8AF 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gastosic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 03:57:43 GMT
x-content-type-options
nosniff
age
113788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31404
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 03:57:43 GMT
neILzCirqoswsqX9zo2mM5Ez.woff2
fonts.gstatic.com/s/lobster/v23/ Frame B8AF 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lobster/v23/neILzCirqoswsqX9zo2mM5Ez.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
d503c5cdad825201613d53fa59858a9d5084fa4d7ad2045cfd6dd986aa5bb095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gastosic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 07:47:56 GMT
x-content-type-options
nosniff
age
272775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13520
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 07:47:56 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ Frame B8AF 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Lobster:bold,regular&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
73991718fdbe348bf3c5aef1641878ac819f6217e026a66cfe87cd6b9777e974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.gastosic.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:13:32 GMT
x-content-type-options
nosniff
age
177639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14016
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:12 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Oct 2022 10:13:32 GMT
event
a.ladipage.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Server
13.229.25.46 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-25-46.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin
https://www.gastosic.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age
2592000
vary
Accept-Encoding
content-encoding
gzip
event
a.ladipage.com/ Frame B8AF 		34 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1609813577926
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.25.46 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-25-46.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
LADI_PAGE_VIEW_DAILY
0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY
0
LADI_CAMP_ID
Accept-Language
de-DE,de;q=0.9
LADI_CAMP_FORM_SUBMIT
0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY
0
LADI_CAMP_PAGE_VIEW_DAILY
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://www.gastosic.org/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
0

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
analytics.js
www.google-analytics.com/ Frame B8AF 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNGTJ7K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2834
date
Thu, 07 Oct 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 07 Oct 2021 12:46:57 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame B8AF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNGTJ7K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14399
x-xss-protection
0
server
cafe
etag
3154747477907843336
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Oct 2021 11:34:11 GMT
js
www.googletagmanager.com/gtag/ Frame B8AF 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3W1654VZPJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188334455-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5a14983d2d41ec944c1430b7cf28c731067916dbfae3dcd862f4fa63f88894f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61105
x-xss-protection
0
expires
Thu, 07 Oct 2021 11:34:11 GMT
js
www.googletagmanager.com/gtag/ Frame B8AF 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-945416747&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-188334455-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b6fd4c55c4808e9de36d0e570460f0b1089f353f36a21986ac2926cd2b93b962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39421
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Oct 2021 11:34:11 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/436429972/ Frame B8AF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/436429972/?random=1633606451448&cv=9&fst=1633606451448&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga40&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.gastosic.org%2F&ref=https%3A%2F%2Fgoogle4.gastosic.vn%2F&tiba=%C4%90%E1%BA%B7t%20ti%C3%AAu%20%C4%91%E1%BB%81%20trang&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4f85cd7d64689e4def9835a5d74e4835139cc88eda4f681118c6855ec5c7fe64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1016
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/945416747/ Frame B8AF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945416747/?random=1633606451450&cv=9&fst=1633606451450&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga40&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.gastosic.org%2F&ref=https%3A%2F%2Fgoogle4.gastosic.vn%2F&tiba=%C4%90%E1%BA%B7t%20ti%C3%AAu%20%C4%91%E1%BB%81%20trang&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
90a571dcc9e2e7d502e91410dfe0268a7bfcab045e11807c75d48f5093d8c52e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1015
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/945416747/ Frame B8AF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945416747/?random=1633606451451&cv=9&fst=1633606451451&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa40&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.gastosic.org%2F&ref=https%3A%2F%2Fgoogle4.gastosic.vn%2F&tiba=%C4%90%E1%BA%B7t%20ti%C3%AAu%20%C4%91%E1%BB%81%20trang&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
2fd36c4efa6b9c29cc4590a88ca57a9f2b4e28ad3132c68d940530ff8b28bafa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1039
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/945416747/ Frame B8AF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/945416747/?random=1633606451450&cv=9&fst=1633604400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga40&sendb=1&frm=2&url=https%3A%2F%2Fwww.gastosic.org%2F&ref=https%3A%2F%2Fgoogle4.gastosic.vn%2F&tiba=%C4%90%E1%BA%B7t%20ti%C3%AAu%20%C4%91%E1%BB%81%20trang&async=1&fmt=3&is_vtc=1&random=1902130805&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.gastosic.org
URL: https://www.gastosic.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/945416747/ Frame B8AF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/945416747/?random=1633606451451&cv=9&fst=1633604400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa40&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.gastosic.org%2F&ref=https%3A%2F%2Fgoogle4.gastosic.vn%2F&tiba=%C4%90%E1%BA%B7t%20ti%C3%AAu%20%C4%91%E1%BB%81%20trang&async=1&fmt=3&is_vtc=1&random=2609106264&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.gastosic.org
URL: https://www.gastosic.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/436429972/ Frame B8AF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/436429972/?random=1633606451448&cv=9&fst=1633604400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga40&sendb=1&frm=2&url=https%3A%2F%2Fwww.gastosic.org%2F&ref=https%3A%2F%2Fgoogle4.gastosic.vn%2F&tiba=%C4%90%E1%BA%B7t%20ti%C3%AAu%20%C4%91%E1%BB%81%20trang&async=1&fmt=3&is_vtc=1&random=384628926&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.gastosic.org
URL: https://www.gastosic.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gastosic.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lookup.html
s.eclick.vn/delivery/ Frame 8327 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.eclick.vn/delivery/lookup.html
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.65.249.130 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
FPT-static_eclick_141_36 /
Resource Hash
81fed3939d6f3e40349fe33e3c7fc59b4bdb4c984d8b5f4b2eca38205958a955

Request headers

:method
GET
:authority
s.eclick.vn
:scheme
https
:path
/delivery/lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google4.gastosic.vn/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/

Response headers

date
Thu, 07 Oct 2021 11:34:11 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Thu, 31 Mar 2016 08:27:23 GMT
etag
W/"56fcdf6b-1846"
expires
Fri, 08 Oct 2021 11:34:11 GMT
cache-control
max-age=86400
server
FPT-static_eclick_141_36
content-encoding
gzip
roundtrip.js
s.adroll.com/j/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: google4.gastosic.vn
URL: https://google4.gastosic.vn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00a838051c95fd70f609e56b14160f3b11f9cc925ebf863b6b6d05aa05f18410

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
9NNHadHlPAJi_ZEEDzqWdczclsfujfUk
Content-Encoding
gzip
Etag
W/"42b7053581646365ea5fe1cf37686183"
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 30 Sep 2021 23:17:42 GMT
Server
AmazonS3
Date
Thu, 07 Oct 2021 11:19:04 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
_IvAcOKHcuxb5zkMtX-PDEfBqbng4CRJl1bqRGU6bi8eF2Kmppiwfw==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/FB3XEQVCXNG2HE7QASGNEK/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Mon, 19 Jul 2021 22:23:14 GMT
Server
AmazonS3
Date
Wed, 06 Oct 2021 19:30:40 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
lS7p_hH_DvsdDnCRES3IOUi9qNOPPs_YCec81IUej69ZotcOXd5aKw==

Redirect headers

Date
Wed, 06 Oct 2021 23:16:06 GMT
Via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Origin
*
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
1YF4yF2QY36Bs4xMaQ-_leOuMQrVFM57MpD3IgNqegFJ0rIn2qrzqQ==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/FB3XEQVCXNG2HE7QASGNEK/WLLCOSAJXVDBLHXIO3TM3U/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Thu, 07 Oct 2021 04:39:37 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
q6EEOXR8uQ8E--K6WVvJPNKmniWjiQJN-6WsdZ2TZsQh9f2Cxoo9eg==

Redirect headers

Date
Wed, 06 Oct 2021 22:28:03 GMT
Via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Access-Control-Allow-Origin
*
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
yG_bmLxain-DtqMHYk4Itwa7ALdUJNZqvBVvvEI1TjKNDZDjvBUYww==
index.js
s.adroll.com/j/pre/FB3XEQVCXNG2HE7QASGNEK/WLLCOSAJXVDBLHXIO3TM3U/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/FB3XEQVCXNG2HE7QASGNEK/WLLCOSAJXVDBLHXIO3TM3U/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
bopeZtdJe8TmWIwZaHi7nE44QRzXMIT2
Content-Encoding
gzip
Etag
W/"33ed216ef4569e95a97e55fb39d91d38"
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 07 Oct 2021 03:49:15 GMT
Server
AmazonS3
Date
Thu, 07 Oct 2021 11:29:34 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Ybn5OeGGxaG_FK2Ql80ZcsntP1kv6iiy4P-WlPlVXP6BorbIpB5ERg==
FB3XEQVCXNG2HE7QASGNEK
d.adroll.com/consent/check/ 		386 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/FB3XEQVCXNG2HE7QASGNEK?arrfrr=https%3A%2F%2Fgoogle4.gastosic.vn%2F&_s=bf4ee28263ff7fc611898274a0faa5d7&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.110.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-110-124.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
42433412a9c8a6623dd3ce4b44ad3a74ec55b84222c466c9fb516e0af597b8f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 11:34:12 GMT
server
nginx/1.20.0
content-length
386
content-type
application/javascript
track
r.eclick.vn/ 		35 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.eclick.vn/track?fosp_aid=&uid=16862&ev=PixelInitialized&dl=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rl=&if=false&ts=1633606452028
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.141.243 -, , ASN (),
Reverse DNS
Software
Fengine, web_141.144 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 07 Oct 2021 11:34:14 GMT
Last-Modified
Mon, 24 Aug 2015 06:58:29 GMT
Server
Fengine, web_141.144
Keep-Alive
timeout=60
Transfer-Encoding
chunked
Content-Type
image/gif
getid
t.eclick.vn/ Frame 8327 		298 B
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.eclick.vn/getid?nid=fosp_aid&callback=json1
Requested by
Host: s.eclick.vn
URL: https://s.eclick.vn/delivery/lookup.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.148.141.239 , Viet Nam, ASN45894 (FPTONLINE-AS-VN FPT Online JSC, VN),
Reverse DNS
Software
/
Resource Hash
826c9aca6a78c871175a23b3b79234f20e310545eafbc2a2663442479b3e9a2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.eclick.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
298
Content-Type
text/javascript; charset=UTF-8
consent_tcfv2.js
s.adroll.com/j/ 		397 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fff426e1f2e0f6df1fdf4fd50790a29de380123e633dde9eb76290852785221c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
FE38nrrp1HWTDadu3Uyr7nm1dYat8XV0
Content-Encoding
gzip
Etag
W/"d0e7c263fcf5865882cfb13022c3f4b4"
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 29 Jul 2021 18:15:16 GMT
Server
AmazonS3
Date
Thu, 07 Oct 2021 11:29:35 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
a4P12kg3HtzWo-SeW6AX8sYXFl89Kx7mrRDAOet6rlfJ1RQqALfyPw==
nextroll-32x32.png
s.adroll.com/i/favicon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-129.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google4.gastosic.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
X-Edge-Origin-Shield-Skipped
0
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Date
Thu, 07 Oct 2021 00:09:22 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
qiyHfc-yGpOWCRfN-Am1iAKnSv6IMrToAd3gMze--l_GOdCIH6VwmQ==
71440525
mc.yandex.com/webvisor/ 		43 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/71440525?wmode=0&wv-part=1&wv-hit=736475231&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rn=692717446&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1633606452%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101007113412%3Au%3A1633606450342128646%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633606452
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://google4.gastosic.vn/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:12 GMT
last-modified
Thu, 07-Oct-2021 11:34:12 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:12 GMT
71440525
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/71440525?wmode=0&wv-part=1&wv-hit=736475231&page-url=https%3A%2F%2Fgoogle4.gastosic.vn%2F&rn=357184847&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1633606453%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101007113412%3Au%3A1633606450342128646%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633606453
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://google4.gastosic.vn/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Oct 2021 11:34:13 GMT
last-modified
Thu, 07-Oct-2021 11:34:13 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://google4.gastosic.vn
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 07-Oct-2021 11:34:13 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster boolean| ladi_is_desktop function| gtm object| dataLayer function| hj object| _hjSettings object| _eclickq object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id function| ym string| MePuzzAnalyticsObject function| mePuzz function| setCookie function| getCookie string| cookieName string| cookieValue number| expirationTime string| date number| dateTimeNow boolean| stb_exitintent object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaGlobal function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaData function| db function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| decodeURIComponentLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi function| ladi_fbq object| LadiPageApp function| onYouTubeIframeAPIReady object| regeneratorRuntime object| JSON3 object| Ya object| yaCounter56221081 object| yaCounter67575184 object| yaCounter66105448 object| yaCounter71440525 number| f boolean| __adroll_loaded string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list function| __cmp function| __tcfapi object| __adroll_consent_data function| adFreCb1 object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild

30 Cookies

Domain/Path Name / Value
google4.gastosic.vn/ Name: LADI_CLIENT_ID
Value: 73a13cac-eab0-49b8-4783-f1d52032f90e
google4.gastosic.vn/ Name: LADI_FORM_SUBMIT
Value: 0
google4.gastosic.vn/ Name: LADI_PAGE_VIEW
Value: 1
.gastosic.vn/ Name: _gcl_au
Value: 1.1.917784285.1633606450
.gastosic.vn/ Name: __utmzz
Value: utmcsr=(direct)|utmcmd=(none)|utmccn=(not set)
.gastosic.vn/ Name: __utmzzses
Value: 1
.google4.gastosic.vn/ Name: pageviewCount
Value: 1
.google4.gastosic.vn/ Name: Visitor_Returning
Value: true
.gastosic.vn/ Name: _ga
Value: GA1.1.415887638.1633606450
.google4.gastosic.vn/ Name: _ga
Value: GA1.3.415887638.1633606450
.google4.gastosic.vn/ Name: _gid
Value: GA1.3.1509823455.1633606450
.google4.gastosic.vn/ Name: _gat_UA-84484615-1
Value: 1
.gastosic.vn/ Name: _hjid
Value: 2b00f631-e19a-4895-a374-83974edea320
.gastosic.vn/ Name: _hjFirstSeen
Value: 1
.gastosic.vn/ Name: _fbp
Value: fb.1.1633606449944.438220750
.gastosic.vn/ Name: _ym_uid
Value: 1633606450342128646
.gastosic.vn/ Name: _ym_d
Value: 1633606450
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1390598384fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 191211553fake
.gastosic.vn/ Name: _ym_isad
Value: 2
google4.gastosic.vn/ Name: _hjIncludedInPageviewSample
Value: 1
.gastosic.vn/ Name: _hjAbsoluteSessionInProgress
Value: 0
.yandex.com/ Name: ymex
Value: 1665142450.yrts.1633606450#1665142450.yrtsi.1633606450
.yandex.com/ Name: yandexuid
Value: 5900288141633606450
.yandex.com/ Name: yuidss
Value: 5900288141633606450
mc.yandex.com/ Name: yabs-sid
Value: 1050433541633606450
.yandex.com/ Name: i
Value: XvCRPKHYD99zXn87vU/lonDms/odKiDFETKAt4O/Ams+Vok4HZfii80P4eP3enybXm27pe4Zg0lWP05YIb4ofbzzjjc=
.gastosic.vn/ Name: _ym_visorc
Value: w
.doubleclick.net/ Name: IDE
Value: AHWqTUnryn2ic8NMmdg_yxona13YNU7HOK-KguRSAmamcE58ID2JmGFdU0tE4_9K
.gastosic.vn/ Name: _ga_BE5WC97200
Value: GS1.1.1633606449.1.0.1633606451.58

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9419.RzAoNpnP-1q6I44h1hAnu0Gn-ivSF76co2sDRNiC1B2gDFF3pf7WCBipamPn-FIaIMGfmaf3zgn_asEZ_lRiJw%2C%2C.OpqXll9uzV7OxesRnE_N0BKkgOI%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
analytics.google.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
google4.gastosic.vn
googleads.g.doubleclick.net
in.hotjar.com
mc.yandex.com
mc.yandex.ru
mepuzz.com
r.eclick.vn
s.adroll.com
s.eclick.vn
script.hotjar.com
static.hotjar.com
static.ladipage.net
static.mepuzz.com
stats.g.doubleclick.net
t.eclick.vn
vars.hotjar.com
w.ladicdn.com
www.facebook.com
www.gastosic.org
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
103.28.37.235
104.18.13.68
111.65.249.130
13.229.25.46
13.250.192.238
142.250.13.157
142.250.184.196
142.250.185.162
142.250.185.200
142.250.185.66
142.250.185.78
142.250.186.99
142.250.74.202
143.204.98.129
143.204.98.32
143.204.98.45
143.204.98.82
172.217.16.142
172.67.214.132
18.138.119.12
180.148.141.239
180.148.141.243
185.60.216.19
185.60.216.35
52.210.84.221
54.73.110.124
93.158.134.119
00a838051c95fd70f609e56b14160f3b11f9cc925ebf863b6b6d05aa05f18410
03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782
0dd542f56448c468d96d554d8015420ef092debb0eae9ac5adca061cb129887e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14b76965246c4e2cdd0cde54dfcffaf20324c539bca5aea71520de67d6ffae8a
1593ae0e0728bdbd4d54f671d331c82826e8679779e1736faddc9887bafb73a3
24d38ffafe555e5e99d87f14a1af8b17f927ae22a16cc632a3efe457fe52d749
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2f8b525a5ac7aff876d339521572cc352c66aef82a6d39f23f8237b56ca1ee4f
2fd36c4efa6b9c29cc4590a88ca57a9f2b4e28ad3132c68d940530ff8b28bafa
3503aa63f0fce792f5876c4fe3d57eecfb7115b7bc2f9f7fc50fc400ca85f5fe
3536af195e7b636c52bedf7cbf2eb65af0d81791d745c1494059032a70f6b0e7
3d359f65fd15c436c287f7331b65260583a93ed77c067d386b8edcd39aeab95b
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
42433412a9c8a6623dd3ce4b44ad3a74ec55b84222c466c9fb516e0af597b8f3
459b6b9c6f729f3ade059e8cd436e10a7521552869fece60b52f60904d9a2010
466ca45bfdb372e4f4df6d305d67eec8630a35b5445c30ece4d02bc1ed482038
4ce048b9043893d82cbab677d7fd3a170e7b622984693fc01b581a7ef04731bd
4f85cd7d64689e4def9835a5d74e4835139cc88eda4f681118c6855ec5c7fe64
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556bd4284a74e9582386fdcde56f404e9d15700809f0364dedc45a4ec2b79d0b
5a14983d2d41ec944c1430b7cf28c731067916dbfae3dcd862f4fa63f88894f8
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
73991718fdbe348bf3c5aef1641878ac819f6217e026a66cfe87cd6b9777e974
7c73245c4aa09dca7f7520db3a44e9f8c7fc530e30d8c21f618d4db2a0276ae5
7c94e4f34e458191cc338edfe393a867d7089c32a37a237aaef6bdc4ede91497
81fed3939d6f3e40349fe33e3c7fc59b4bdb4c984d8b5f4b2eca38205958a955
826c9aca6a78c871175a23b3b79234f20e310545eafbc2a2663442479b3e9a2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87e4b9970d2a4d0c85c7ec596534b4a5b6358983413261d58fba55d7a44a0300
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
90a571dcc9e2e7d502e91410dfe0268a7bfcab045e11807c75d48f5093d8c52e
93b6be93155108a375512d5c0651ca3d0929a61d38dfc7e6b2d129ef8b424aa9
ab920ef71c89c20ebd0a5b07a4e50b85ea64b8c21ee3fe0f1c0be6485a6097ae
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
b1bd39fcbd000c5fcbf145e50fc2657b43041731cfefda6d48f58bafc1939fe7
b4d18d52d6bfb11689a4b4300851a3f9e46137b73dd6fae96387b95613f93a18
b6fd4c55c4808e9de36d0e570460f0b1089f353f36a21986ac2926cd2b93b962
ba997997d4eb36f1fd39e954da19136080d8f173624d21486647354d8f2eeae4
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c488653ad9f0705b22a672c8b9f75aad6ab7388b54115fceacabdd8430b5ab64
c5f64eafdc8767d3c827776ba86c7a5b934ff74abced803c7196cca9d45a0204
cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f
d503c5cdad825201613d53fa59858a9d5084fa4d7ad2045cfd6dd986aa5bb095
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff19a3bc9cfcfd764b0957ae230b14620db659309074342cbf549bd777e7560
e118798f9ada5898662edba96878ac240467a570a162ca41f27f6916436a0ed3
e2fade725582d4a23fe9249cfbe9b3d173debe172404cfa14c30fd84ef861557
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40decf64289ea7e28b665940cb7af60129b0b6ce2ca34a7b2b95039dc221c34
e966e9be3a04052ebe725cb2cd4451034fee38c95d4cd6115a4dd82cbd9f2844
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02198662778288db6c8d73623fd7ecf1d43dfcc4a47463a5444839b36060a96
f239b09090e011d8f7566f39fca11b92d88eb8e05302f33148bcf27e523ada1d
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fff426e1f2e0f6df1fdf4fd50790a29de380123e633dde9eb76290852785221c