urlscan.io logo urlscan.io
SecurityTrails logo

marketingfacebook.shud.online Open in urlscan Pro
13.251.251.159  Public Scan

Go To Rescan Add Verdict Report
URL: https://marketingfacebook.shud.online/
Submission Tags: @phishunt_io
Submission: On May 27 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 34 HTTP transactions. The main IP is 13.251.251.159, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is marketingfacebook.shud.online.
TLS certificate: Issued by R3 on May 26th 2021. Valid for: 3 months.
This is the only time marketingfacebook.shud.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    13.251.251.159 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
marketingfacebook.shud.online
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    2606:4700::6812:d44 (United States)

ASN13335 (CLOUDFLARENET, US)
w.ladicdn.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.251.63.245 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
static.ladipage.net
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.77.4.114 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
a.ladipage.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
spreadsheets.google.com
1    52.221.6.123 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
g.ladicdn.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
15 w.ladicdn.com marketingfacebook.shud.online
6 fonts.gstatic.com fonts.googleapis.com
2 www.google.com 1 redirects www.googleadservices.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 a.ladipage.com w.ladicdn.com
2 www.googletagmanager.com marketingfacebook.shud.online
1 www.google.de marketingfacebook.shud.online
1 googleads.g.doubleclick.net 1 redirects
1 g.ladicdn.com w.ladicdn.com
1 spreadsheets.google.com w.ladicdn.com
1 static.ladipage.net 1 redirects
1 fonts.googleapis.com marketingfacebook.shud.online
1 marketingfacebook.shud.online
34 14

This site contains links to these domains. Also see Links.

Domain
www.sugiayeuthuong.net
www.giaiphapmarketing.tech
goo.gl
zalo.me
www.facebook.com
Subject Issuer Validity Valid
marketingfacebook.shud.online
R3		 2021-05-26 -
2021-08-24		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
ladicdn.com
Cloudflare Inc ECC CA-3		 2020-07-13 -
2021-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
a.ladipage.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
g.ladicdn.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://marketingfacebook.shud.online/
Frame ID: A2CE35C50B3731672D6114045F21A728
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

34
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

12
IPs

3
Countries

1313 kB
Transfer

1830 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://static.ladipage.net/source/notify.svg HTTP 301
  • https://w.ladicdn.com/source/notify.svg
Request Chain 30
  • https://www.googleadservices.com/pagead/conversion/682102413/?random=1622091034956&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarketingfacebook.shud.online%2F&tiba=Marketing%20Online%20Th%C6%B0%CC%A3c%20Chi%C3%AA%CC%81n%20-%20SHUD&capi=0&hn=www.googleadservices.com&bttype=purchase&async=1 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/682102413/?random=928350596&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarketingfacebook.shud.online%2F&tiba=Marketing%20Online%20Th%C6%B0%CC%A3c%20Chi%C3%AA%CC%81n%20-%20SHUD&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=GyWvYLYhvZb27w_3h6fADw&sscte=1&crd=&eitems=ChEI8OO3hQYQ3OjiqLT0hoPwARIdADbjTh1-uCxNziF9a6vfcOTsg17hx5rcivNlzvQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/682102413/?random=928350596&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarketingfacebook.shud.online%2F&tiba=Marketing%20Online%20Th%C6%B0%CC%A3c%20Chi%C3%AA%CC%81n%20-%20SHUD&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=GyWvYLYhvZb27w_3h6fADw&eitems=ChEI8OO3hQYQ3OjiqLT0hoPwARIdADbjTh1QURQBUmJ3y2nWvW7Tq3yejM815qABYEc&random=3162811927&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/682102413/?random=928350596&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarketingfacebook.shud.online%2F&tiba=Marketing%20Online%20Th%C6%B0%CC%A3c%20Chi%C3%AA%CC%81n%20-%20SHUD&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=GyWvYLYhvZb27w_3h6fADw&eitems=ChEI8OO3hQYQ3OjiqLT0hoPwARIdADbjTh1QURQBUmJ3y2nWvW7Tq3yejM815qABYEc&random=3162811927&resp=GooglemKTybQhCsO&ipr=y

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
marketingfacebook.shud.online/ 		84 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://marketingfacebook.shud.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.251.159 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
4855b971cbd0c8957d4bfbb482e6cba0fcdea7b12163284a555d3e7a1c241e7e

Request headers

:method
GET
:authority
marketingfacebook.shud.online
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Thu, 27 May 2021 04:50:34 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie
LADI_CLIENT_ID=def54e3a-5006-4a18-5d41-a67e33dabfc5; Expires=Sun, 25 May 2031 04:50:34 GMT LADI_PAGE_VIEW=0; Expires=Sun, 25 May 2031 04:50:34 GMT LADI_FORM_SUBMIT=0; Expires=Sun, 25 May 2031 04:50:34 GMT LADI_PAGE_VIEW=1; Expires=Sun, 25 May 2031 04:50:34 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_CAMP_END_DATE=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode
200
content-encoding
gzip
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Tinos:bold,regular|Play:bold,regular|Barlow%20Condensed:bold,regular&display=swap
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8db2a760965dcdfd862bea4f9302b9d3f2d6cd55f1e5308d3fb42908fa3736d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 May 2021 04:50:34 GMT
server
ESF
date
Thu, 27 May 2021 04:50:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 May 2021 04:50:34 GMT
ladipage.vi.min.js
w.ladicdn.com/v2/source/ 		221 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1622001442599
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbaeac1a4dd65b0fa31f63887bfb08ed7c551fe491e4ee0b0305fe34af9c29fd

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
89086
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2075c00002bb9f10e8000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f856e032bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
js
www.googletagmanager.com/gtag/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=8695519835
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef3838dedf1af03a9724f65102ea31f8b426f1bf6947e23e25edf80b018a510a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31113
x-xss-protection
0
last-modified
Thu, 27 May 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 May 2021 04:50:34 GMT
notify.svg
w.ladicdn.com/source/
Redirect Chain
  • https://static.ladipage.net/source/notify.svg
  • https://w.ladicdn.com/source/notify.svg
2 KB
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/notify.svg
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:35 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3322744
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc20a2200004e9ef1990000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f89c9174e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:35 GMT

Redirect headers

location
https://w.ladicdn.com:443/source/notify.svg
date
Thu, 27 May 2021 04:50:35 GMT
server
awselb/2.0
content-length
134
content-type
text/html
ladipage.min.css
w.ladicdn.com/v2/source/ 		65 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1622001442599
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
89086
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc207e000004e9e8e229000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f863af54e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
gtm.js
www.googletagmanager.com/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W3KL9KQ
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a00ef62c2f830d68b3c4e7a733a4fea9e921a3940cbb42ea5275ecb394a6ce60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33568
x-xss-protection
0
last-modified
Thu, 27 May 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 27 May 2021 04:50:34 GMT
ladi-icons.svg
w.ladicdn.com/v2/source/ 		800 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/v2/source/ladi-icons.svg
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5625094
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc207e000004e9edc191000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f863af44e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
buE1poGnedXvwj1AW3Fu0C8.woff2
fonts.gstatic.com/s/tinos/v16/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v16/buE1poGnedXvwj1AW3Fu0C8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:bold,regular|Play:bold,regular|Barlow%20Condensed:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdec62f63f2203528660eb235b0c148e971797b67562656d61f42a055716e7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://marketingfacebook.shud.online
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 04:35:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:41:03 GMT
server
sffe
age
346503
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25108
x-xss-protection
0
expires
Mon, 23 May 2022 04:35:31 GMT
buE4poGnedXvwjX7fmQ.woff2
fonts.gstatic.com/s/tinos/v16/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v16/buE4poGnedXvwjX7fmQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:bold,regular|Play:bold,regular|Barlow%20Condensed:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dce184d6e1425792919861c01c7f51b3b303c02557893c57730ef77b3577dd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://marketingfacebook.shud.online
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:04:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:40:55 GMT
server
sffe
age
9944
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28000
x-xss-protection
0
expires
Fri, 27 May 2022 02:04:50 GMT
buE1poGnedXvwj1AW3Fg0C8H-Q.woff2
fonts.gstatic.com/s/tinos/v16/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v16/buE1poGnedXvwj1AW3Fg0C8H-Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:bold,regular|Play:bold,regular|Barlow%20Condensed:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8c3a487d13001b2f12d12eff8e6ee09de890cfa97e3d54abd1c741e045c2866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://marketingfacebook.shud.online
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 23:23:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:41:05 GMT
server
sffe
age
106036
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47520
x-xss-protection
0
expires
Wed, 25 May 2022 23:23:18 GMT
buE4poGnedXvwjX1fmRR8Q.woff2
fonts.gstatic.com/s/tinos/v16/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v16/buE4poGnedXvwjX1fmRR8Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:bold,regular|Play:bold,regular|Barlow%20Condensed:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
109cebde5cd09fcbc37a890c867eb7506c844ddbbc2735825921c35b9abff564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://marketingfacebook.shud.online
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 01:17:03 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:40:58 GMT
server
sffe
age
185611
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48376
x-xss-protection
0
expires
Wed, 25 May 2022 01:17:03 GMT
kenhsinhviennet-bgabc-20200106145627.png
w.ladicdn.com/s500x400/5dfe3ec9eb3ac32fba9f4dca/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s500x400/5dfe3ec9eb3ac32fba9f4dca/kenhsinhviennet-bgabc-20200106145627.png
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da29d490e7c0752d42cfc57f36840353ca365e8b19374842082258c80f6db14a

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept
cf-cache-status
HIT
age
1411787
cf-polished
origFmt=png, origSize=115435
content-disposition
inline; filename="kenhsinhviennet-bgabc-20200106145627.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2082c00004e9ee62b2000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86abae4e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
tai-xuong-20210525053814.png
w.ladicdn.com/s400x400/60404e2825a65800129962fe/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/60404e2825a65800129962fe/tai-xuong-20210525053814.png
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd53c87ca748d5bd8b6cb390ad057bfd758120e5901527d5f9a51cc9812c5b8

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept
cf-cache-status
HIT
age
2555
cf-polished
origFmt=png, origSize=6129
content-disposition
inline; filename="tai-xuong-20210525053814.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2082c00004e9eb98a7000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86abaf4e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
fff-20210525052921.png
w.ladicdn.com/s700x500/60404e2825a65800129962fe/ 		220 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x500/60404e2825a65800129962fe/fff-20210525052921.png
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc02d32a143d636ba367805fc0ec6f28cee357fb158368bdffc8700686365af

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept
cf-cache-status
HIT
age
2555
cf-polished
origFmt=png, origSize=443854
content-disposition
inline; filename="fff-20210525052921.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2083000004e9eb23ca000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86bbb54e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
tong-hop-cac-kenh-marketing-online-va-offline-1024x576-20210525093958.jpg
w.ladicdn.com/s700x500/60404e2825a65800129962fe/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x500/60404e2825a65800129962fe/tong-hop-cac-kenh-marketing-online-va-offline-1024x576-20210525093958.jpg
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33447fe4932f9ca835b9f0437e9cfba8836ed4ad51e83e6ff15f995a1bbb4ea3

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
2555
cf-polished
origSize=39451, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2083000004e9ea3329000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86bbb64e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
ege-20210525115448.png
w.ladicdn.com/s700x500/60404e2825a65800129962fe/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x500/60404e2825a65800129962fe/ege-20210525115448.png
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18bae4b0f6b8199240f4d12cbb91014157de6aac944a288ddfa36d77b33c331a

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept
cf-cache-status
HIT
age
131963
cf-polished
origFmt=png, origSize=281301
content-disposition
inline; filename="ege-20210525115448.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2083000004e9ec7888000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86bbb74e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
sss-20210525102411.png
w.ladicdn.com/s700x550/60404e2825a65800129962fe/ 		207 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x550/60404e2825a65800129962fe/sss-20210525102411.png
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e6753520e63b4d8c68d06a3ab48681abd84ced7e70116f2fec64c128e9fa14

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept
cf-cache-status
HIT
age
131963
cf-polished
origFmt=png, origSize=350991
content-disposition
inline; filename="sss-20210525102411.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2083000004e9ed7308000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86bbb84e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
phone-icon-20200114075357.gif
w.ladicdn.com/5dfe3ec9eb3ac32fba9f4dca/ 		168 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/5dfe3ec9eb3ac32fba9f4dca/phone-icon-20200114075357.gif
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe5a5fb0bb97fc9377755578c5f4318ba26d9131c5fedd794395f9ffd0d2219

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
2060724
cf-polished
status=not_needed
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2083000004e9eff800000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86bbb94e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
zalo-video-call-chia-2-man-hinh-200-20200211084932.png
w.ladicdn.com/s350x350/5dfe3ec9eb3ac32fba9f4dca/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s350x350/5dfe3ec9eb3ac32fba9f4dca/zalo-video-call-chia-2-man-hinh-200-20200211084932.png
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f89d824fd40c086e4ff0e03afcc84db965081205cc6432d8bb335412ed8c155

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept
cf-cache-status
HIT
age
2060724
cf-polished
origFmt=png, origSize=9571
content-disposition
inline; filename="zalo-video-call-chia-2-man-hinh-200-20200211084932.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2083000004e9ef39db000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86bbbb4e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
me-20210311073720.png
w.ladicdn.com/s350x350/60404e2825a65800129962fe/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s350x350/60404e2825a65800129962fe/me-20210311073720.png
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af05fcf9e7dea14c00e3c4026ce60b95fa96efda4ac593268e78a673cbf330b

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
vary
Accept
cf-cache-status
HIT
age
2060724
cf-polished
origFmt=png, origSize=17442
content-disposition
inline; filename="me-20210311073720.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2083000004e9efb3bc000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9f86bbbd4e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:34 GMT
buE1poGnedXvwj1AW3Fh0C8H-Q.woff2
fonts.gstatic.com/s/tinos/v16/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v16/buE1poGnedXvwj1AW3Fh0C8H-Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:bold,regular|Play:bold,regular|Barlow%20Condensed:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17aadb4b924c3e492edc84eba31979ea8194e3b0f03e6394891b44a77a997d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://marketingfacebook.shud.online
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:31:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:41:11 GMT
server
sffe
age
112732
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9200
x-xss-protection
0
expires
Wed, 25 May 2022 21:31:42 GMT
buE4poGnedXvwjX0fmRR8Q.woff2
fonts.gstatic.com/s/tinos/v16/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tinos/v16/buE4poGnedXvwjX0fmRR8Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tinos:bold,regular|Play:bold,regular|Barlow%20Condensed:bold,regular&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c02016f58eaa059ebc0919daf0cce093b3e56aa738575754ba8088b711df1f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://marketingfacebook.shud.online
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:58:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:40:54 GMT
server
sffe
age
111106
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10280
x-xss-protection
0
expires
Wed, 25 May 2022 21:58:48 GMT
event
a.ladipage.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Server
52.77.4.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin
https://marketingfacebook.shud.online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 27 May 2021 04:50:35 GMT
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age
2592000
vary
Accept-Encoding
content-encoding
gzip
values
spreadsheets.google.com/feeds/list/1BA85ub31aEQ_Df-Zz6WWM5_S0pwY9iH_gJmuEB56BR4/1/public/ 		72 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://spreadsheets.google.com/feeds/list/1BA85ub31aEQ_Df-Zz6WWM5_S0pwY9iH_gJmuEB56BR4/1/public/values?alt=json
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1622001442599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b02aab6b2f183fbaf7cd64da57e1a590b56234a5fc0754230855c26108aeb8ee
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-9RwM4zAVX8jt8N57dmRv9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
last-modified
Thu, 27 May 2021 04:50:35 GMT
server
GSE
x-frame-options
SAMEORIGIN
vary
Accept, X-GData-Authorization, GData-Version
gdata-version
1.0
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://marketingfacebook.shud.online
access-control-expose-headers
Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,Expires,Last-Modified,Server,Transfer-Encoding,Vary
cache-control
private, max-age=0, must-revalidate, no-transform
content-security-policy
base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-9RwM4zAVX8jt8N57dmRv9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
x-robots-tag
noindex, nofollow, nosnippet
expires
Thu, 27 May 2021 04:50:35 GMT
event
a.ladipage.com/ 		34 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1622001442599
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.4.114 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
def54e3a-5006-4a18-5d41-a67e33dabfc5
LADI_PAGE_VIEW_DAILY
0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY
0
LADI_CAMP_PAGE_VIEW_DAILY
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://marketingfacebook.shud.online/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
1

Response headers

date
Thu, 27 May 2021 04:50:35 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
60404e2825a65800129962fe-5e0433162edcb03bd44dada5.js
g.ladicdn.com/tracking/ 		1 B
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ladicdn.com/tracking/60404e2825a65800129962fe-5e0433162edcb03bd44dada5.js?v=1622091034790
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1622001442599
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.6.123 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 27 May 2021 04:50:35 GMT
server
openresty
content-length
1
content-type
text/plain
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3KL9KQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1422
date
Thu, 27 May 2021 04:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 27 May 2021 06:26:52 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3KL9KQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14053
x-xss-protection
0
server
cafe
etag
4209742185836358702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 May 2021 04:50:34 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1643516318&t=pageview&_s=1&dl=https%3A%2F%2Fmarketingfacebook.shud.online%2F&ul=en-us&de=UTF-8&dt=Marketing%20Online%20Th%C6%B0%CC%A3c%20Chi%C3%AA%CC%81n%20-%20SHUD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1069157777&gjid=1995543377&cid=807441183.1622091035&tid=UA-155035812-1&_gid=518004397.1622091035&_r=1&gtm=2wg5j0W3KL9KQ&z=1612640412
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 27 May 2021 04:50:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marketingfacebook.shud.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/privacysandbox/conversion/682102413/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/pagead/privacysandbox/conversion/682102413/?random=1622091034956&cv=9&fst=1622091034956&num=1&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarketingfacebook.shud.online%2F&tiba=Marketing%20Online%20Th%C6%B0%CC%A3c%20Chi%C3%AA%CC%81n%20-%20SHUD&capi=0&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
www.google.de/pagead/1p-conversion/682102413/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/682102413/?random=1622091034956&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/682102413/?random=928350596&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=...
  • https://www.google.com/pagead/1p-conversion/682102413/?random=928350596&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u...
  • https://www.google.de/pagead/1p-conversion/682102413/?random=928350596&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/682102413/?random=928350596&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarketingfacebook.shud.online%2F&tiba=Marketing%20Online%20Th%C6%B0%CC%A3c%20Chi%C3%AA%CC%81n%20-%20SHUD&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=GyWvYLYhvZb27w_3h6fADw&eitems=ChEI8OO3hQYQ3OjiqLT0hoPwARIdADbjTh1QURQBUmJ3y2nWvW7Tq3yejM815qABYEc&random=3162811927&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 May 2021 04:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 May 2021 04:50:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/682102413/?random=928350596&cv=9&fst=1622091034956&num=1&fmt=3&value=0&label=h__eCLrUwLgBEI2doMUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmarketingfacebook.shud.online%2F&tiba=Marketing%20Online%20Th%C6%B0%CC%A3c%20Chi%C3%AA%CC%81n%20-%20SHUD&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=GyWvYLYhvZb27w_3h6fADw&eitems=ChEI8OO3hQYQ3OjiqLT0hoPwARIdADbjTh1QURQBUmJ3y2nWvW7Tq3yejM815qABYEc&random=3162811927&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cac-kenh-marketing-social-media-channel-2-1024x576-20210525070549.jpg
w.ladicdn.com/s700x500/60404e2825a65800129962fe/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x500/60404e2825a65800129962fe/cac-kenh-marketing-social-media-channel-2-1024x576-20210525070549.jpg
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd37d69d444d24ca3036002a5827680975ccba034bea15dc7a570225d57f28e

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:38 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
2555
cf-polished
origSize=40997, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc2184500004e9ebd840000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9fa06e374e9e-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:38 GMT
cac-kenh-marketing-internet-marketing-1024x576-20210525070549.jpg
w.ladicdn.com/s700x500/60404e2825a65800129962fe/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x500/60404e2825a65800129962fe/cac-kenh-marketing-internet-marketing-1024x576-20210525070549.jpg
Requested by
Host: marketingfacebook.shud.online
URL: https://marketingfacebook.shud.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44bf3f6eebe0902bce11aacfbaf00c79a68f3ec9551f954326ec54eafe2dc009

Request headers

Referer
https://marketingfacebook.shud.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 04:50:43 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
2556
cf-polished
origSize=39928, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a4dc22bc300002bb9f7130000000001
cf-bgj
imgq:100,h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
655c9fbf9c022bb9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 27 May 2022 04:50:43 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| ladi_viewport boolean| ladi_is_desktop function| gtag object| dataLayer function| gtm object| google_tag_manager function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| decodeURIComponentLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

7 Cookies

Domain/Path Name / Value
marketingfacebook.shud.online/ Name: _timenow
Value: 1622091034724
marketingfacebook.shud.online/ Name: LADI_PAGE_VIEW
Value: 1
.marketingfacebook.shud.online/ Name: _gat_UA-155035812-1
Value: 1
marketingfacebook.shud.online/ Name: LADI_FORM_SUBMIT
Value: 0
.marketingfacebook.shud.online/ Name: _ga
Value: GA1.3.807441183.1622091035
.marketingfacebook.shud.online/ Name: _gid
Value: GA1.3.518004397.1622091035
marketingfacebook.shud.online/ Name: LADI_CLIENT_ID
Value: def54e3a-5006-4a18-5d41-a67e33dabfc5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
fonts.googleapis.com
fonts.gstatic.com
g.ladicdn.com
googleads.g.doubleclick.net
marketingfacebook.shud.online
spreadsheets.google.com
static.ladipage.net
w.ladicdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.251.251.159
142.250.186.34
2606:4700::6812:d44
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
52.221.6.123
52.77.4.114
54.251.63.245
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
109cebde5cd09fcbc37a890c867eb7506c844ddbbc2735825921c35b9abff564
17aadb4b924c3e492edc84eba31979ea8194e3b0f03e6394891b44a77a997d45
18bae4b0f6b8199240f4d12cbb91014157de6aac944a288ddfa36d77b33c331a
287605fd293c9635d7edce4f9fd1b96e6977ec05607aad46a891daa82d2c6e23
2bba875302b129847c1b0c14a5abbd40840358939392ae25ee8acd66c1c74045
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f89d824fd40c086e4ff0e03afcc84db965081205cc6432d8bb335412ed8c155
33447fe4932f9ca835b9f0437e9cfba8836ed4ad51e83e6ff15f995a1bbb4ea3
3fe5a5fb0bb97fc9377755578c5f4318ba26d9131c5fedd794395f9ffd0d2219
44bf3f6eebe0902bce11aacfbaf00c79a68f3ec9551f954326ec54eafe2dc009
4855b971cbd0c8957d4bfbb482e6cba0fcdea7b12163284a555d3e7a1c241e7e
4dc02d32a143d636ba367805fc0ec6f28cee357fb158368bdffc8700686365af
5af05fcf9e7dea14c00e3c4026ce60b95fa96efda4ac593268e78a673cbf330b
63d23bf57dcc0b8d2750509399b02799bfc7a35dc962e2e93f818a07de271fe4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fd37d69d444d24ca3036002a5827680975ccba034bea15dc7a570225d57f28e
83e6753520e63b4d8c68d06a3ab48681abd84ced7e70116f2fec64c128e9fa14
a00ef62c2f830d68b3c4e7a733a4fea9e921a3940cbb42ea5275ecb394a6ce60
abd53c87ca748d5bd8b6cb390ad057bfd758120e5901527d5f9a51cc9812c5b8
b02aab6b2f183fbaf7cd64da57e1a590b56234a5fc0754230855c26108aeb8ee
bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9
c02016f58eaa059ebc0919daf0cce093b3e56aa738575754ba8088b711df1f61
c8c3a487d13001b2f12d12eff8e6ee09de890cfa97e3d54abd1c741e045c2866
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
d8db2a760965dcdfd862bea4f9302b9d3f2d6cd55f1e5308d3fb42908fa3736d
da29d490e7c0752d42cfc57f36840353ca365e8b19374842082258c80f6db14a
dbaeac1a4dd65b0fa31f63887bfb08ed7c551fe491e4ee0b0305fe34af9c29fd
dce184d6e1425792919861c01c7f51b3b303c02557893c57730ef77b3577dd11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3838dedf1af03a9724f65102ea31f8b426f1bf6947e23e25edf80b018a510a
fdec62f63f2203528660eb235b0c148e971797b67562656d61f42a055716e7cd