www.5giay.vn Open in urlscan Pro
210.211.109.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Submission: On June 20 via manual (June 20th 2021, 1:29:26 pm UTC) from VN

Summary HTTP 150 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 27 domains to perform 150 HTTP transactions. The main IP is 210.211.109.164, located in Viet Nam and belongs to VTDC-AS-VN Vietel - CHT Compamy Ltd, VN. The main domain is www.5giay.vn.
TLS certificate: Issued by R3 on May 22nd 2021. Valid for: 3 months.

This is the only time www.5giay.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	210.211.109.164 210.211.109.164	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:19f0:700... 2001:19f0:7001:44f5:5400:1ff:fe84:87ce	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2.16.186.113 2.16.186.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
10	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	47.74.174.177 47.74.174.177	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
15	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	210.211.109.167 210.211.109.167	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	139.99.121.205 139.99.121.205	16276 (OVH) (OVH)
3	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
2	35.241.31.249 35.241.31.249	15169 (GOOGLE) (GOOGLE)
4 5	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
5	2606:4700::68... 2606:4700::6813:b979	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:8860	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:9cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	108.128.183.11 108.128.183.11	16509 (AMAZON-02) (AMAZON-02)
150	38

45 210.211.109.164 (Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

www.5giay.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banner.5giay.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:19f0:7001:44f5:5400:1ff:fe84:87ce (Japan)

ASN20473 (AS-CHOOPA, US)

www.bandatnendongnai.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.74.174.177 (Singapore, Singapore)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

adnetwork.adasiaholdings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.211.109.167 (Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

qc.5giay.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.121.205 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: as04.adlooxtracking.com

as.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.239.217 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.105.10 (Delitzsch, Germany) 1 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)

www.parship.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8860 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:9cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.183.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-183-11.eu-west-1.compute.amazonaws.com

eum-eu-west-1.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	5giay.vn www.5giay.vn banner.5giay.vn qc.5giay.vn	774 KB
15	fbcdn.net static.xx.fbcdn.net scontent-frt3-1.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	429 KB
13	googlesyndication.com 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	43 KB
11	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	130 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net hal900027.redintelligence.net	42 KB
6	facebook.com www.facebook.com	44 KB
6	twitter.com platform.twitter.com syndication.twitter.com	148 KB
5	parship.ch www.parship.ch	14 KB
5	googletagservices.com www.googletagservices.com	161 KB
4	awin1.com 3 redirects www.awin1.com	2 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	adlooxtracking.com as.adlooxtracking.com data00.adlooxtracking.com	83 KB
4	google.com www.google.com adservice.google.com	1 KB
3	instana.io eum.instana.io eum-eu-west-1.instana.io	10 KB
3	google.de www.google.de adservice.google.de	1 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	14 KB
2	conrad.ch www.conrad.ch	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googleapis.com fonts.googleapis.com	744 B
1	greatviews.de 1 redirects trf.greatviews.de	1 KB
1	zenaps.com 1 redirects www.zenaps.com	693 B
1	facebook.net connect.facebook.net	77 KB
1	adasiaholdings.com adnetwork.adasiaholdings.com	1 KB
1	sascdn.com ced.sascdn.com	13 KB
1	bandatnendongnai.vn www.bandatnendongnai.vn	95 KB
150	27

	Domain	Requested by
39	www.5giay.vn	www.5giay.vn
13	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.5giay.vn
6	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.facebook.com	www.5giay.vn connect.facebook.net
6	banner.5giay.vn	www.5giay.vn
5	www.parship.ch	hal900027.redintelligence.net www.parship.ch eum.instana.io
5	hal900027.redintelligence.net	1 redirects 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com hal900027.redintelligence.net
5	tpc.googlesyndication.com	5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	www.5giay.vn securepubads.g.doubleclick.net 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
4	www.awin1.com	3 redirects hal900027.redintelligence.net
4	platform.twitter.com	www.5giay.vn platform.twitter.com
3	hal9000.redintelligence.net	www.5giay.vn hal900027.redintelligence.net
3	tags.mathtag.com	5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com tags.mathtag.com
2	eum-eu-west-1.instana.io	eum.instana.io
2	fonts.gstatic.com	fonts.googleapis.com
2	www.conrad.ch	hal900027.redintelligence.net
2	data00.adlooxtracking.com	as.adlooxtracking.com
2	as.adlooxtracking.com	securepubads.g.doubleclick.net
2	syndication.twitter.com	platform.twitter.com www.5giay.vn
2	qc.5giay.vn	www.5giay.vn
2	5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google.com	www.5giay.vn tpc.googlesyndication.com
2	www.google-analytics.com	www.5giay.vn www.google-analytics.com
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
1	eum.instana.io	www.parship.ch
1	static.cloudflareinsights.com	www.parship.ch
1	fonts.googleapis.com	hal900027.redintelligence.net
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
1	trf.greatviews.de	1 redirects
1	www.zenaps.com	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	connect.facebook.net	www.5giay.vn
1	adnetwork.adasiaholdings.com	ced.sascdn.com
1	www.google.de	www.5giay.vn
1	stats.g.doubleclick.net	www.google-analytics.com
1	ced.sascdn.com	www.5giay.vn
1	www.bandatnendongnai.vn	www.5giay.vn
150	42

This site contains links to these domains. Also see Links.

Domain
thucphamansinh.com
zalo.me
maps.google.com
lumar.vn
sohot.vn
online.gov.vn
www.webtretho.com
www.tinhte.vn
www.haravan.com
www.sohot.vn
xe360.com
xenforo.com

Subject Issuer	Validity	Valid
5giay.vn R3	`2021-05-22` - `2021-08-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
banner.5giay.vn R3	`2021-05-08` - `2021-08-06`	3 months	crt.sh
bandatnendongnai.vn Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-08-14`	2 years	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.adasiaholdings.com Go Daddy Secure Certificate Authority - G2	`2021-05-13` - `2022-06-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
qc.5giay.vn R3	`2021-05-30` - `2021-08-28`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.adlooxtracking.com R3	`2021-04-23` - `2021-07-22`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
www.parship.ch Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
www.conrad.ch Cloudflare Inc ECC CA-3	`2021-05-17` - `2022-05-16`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2020-11-24` - `2021-12-25`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Frame ID: E505DCADB7E220538140277E2B0420F6
Requests: 75 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.5giay.vn
Frame ID: 05BD36F54F903788205A9B4874B1A888
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDN7J43x5cGqc10I2gQm5me8bDhrerIneSf5bRqyDrXyCHPdk5LOA_afT-6qS5GBvogsk4x8oi-AuPpCRVXbAWb_Kgc1BR4FuVknlkaJ5F-sxdiWel7Ak5slNJikqlFfTFYoOpB_A4gP64SaflqWrAhzdY6yng5kohYAibgS-saMU2vcbyyHQi6h18_JrtU0ItKwrVc5o9drIjQ8OaoGYuWXKcqxovbm-_M2EXLvTjST9lMWDLfqELOGAcePcAq_9qYcQNAPSzCb_9ZcfUsOWhetryC-v5F3jaQu_csgLUPpsydrGaExO7FKgg5fmAv2L8PYGCToJs6XRGiooIGKqPb_kT4LFB0AAE0GXABhGyKfA84dfJ&sai=AMfl-YQBBbiaghJfSp7Cyna2ZVRZu9eK_OIelqpXacrpGixhM4iZT2-cBb-vZ62dg3AnGhA1eb21NzqFLHB-p_LgIzWzL2Og5sWQvR4V0R3j7-rtDyFaeYwoQgwMq7jc8hyA&sig=Cg0ArKJSzCb3qoxM22M2EAE&urlfix=1&adurl=
Frame ID: E4E5EBA2889ECC71DDC41CD4B7B58653
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.vi.html
Frame ID: CC7F255ED3F891AA5D3DB7CA8D4DA782
Requests: 2 HTTP requests in this frame

Frame: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CBBFDDDC039E629023BE6CD1925C8190
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA0aRNQlrTGJ9uK9LGDupXuzgGzgu1d8c4xGYoAvrrrm_Zc6azNxl9fMuCMhE46HVS1UJERkmmllUkgLhq5P5p3RitYWX4MenmVu-X4u71uygcXleqp1VTTlg1QDSkcXV8zWbK0ENr_atjOaGnZBYZA_Foz1h04gPwcDUavjIHFPfSzv86JS1lpjqqwjMT4k2DP3pyqECQp4dLZFLRINbEppV6MxDFE-xNABuKS8OSSnz7NayUq3UIpzq4hTjbLCEzGXaX3oUNOdFGInEQaVViEuD67tEX7voBEmxWauUNnjzy7tW_SwYIO9agpvGdJcWkRZM8DWY5CsDxRNvkS73CyjNYtQ&sai=AMfl-YSrMYdKfA6EygcA70tn_BaFdY9m6NSvBW6p_Q4YDDBio01Uh8OJMaFj6hVf_hO2Riy3SRwZDPBMDfDc9r-dBmSnLNvM5yaNoP7xdJWz5gY6-CPC59rCt56vcAwMhxFy&sig=Cg0ArKJSzK02olvjrcIrEAE&urlfix=1&adurl=
Frame ID: F6FAF4D67DFE730D1B31342C7FABDAD6
Requests: 7 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2854460&v=14114&q=410438&r=414915&pref1=80190100077030901060216011631027&pv=1
Frame ID: 4CDFD0F0159143489E9EEFCF5D68D3DC
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
Frame ID: 8C9D90551578EF4B6484DED7F80E3BE8
Requests: 9 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?insert=AW
Frame ID: 4946476AAA109AEE363004D1D3E76E49
Requests: 1 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb
Frame ID: 838112FBD8ED87F8FD8334A9BB1C6F8B
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 48A275AC454B9A46C20DBAC70CA00FF9
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26320fe353a878%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: 720458A00BD2DDD901A859336505A1A9
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=recommend&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df315aec47a9901c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=standard&locale=en_US&sdk=joey&show_faces=true&width=400
Frame ID: 0D4ABE1887534999A69328D6B32AE250
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like_box.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5c4afaf01fe1c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=205&header=false&height=251&href=https%3A%2F%2Fwww.facebook.com%2F5GiayVietNam&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=205
Frame ID: 66702F4D703433ED3DD59D489F5025AE
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: D8954E766CF32CF614E1FF4D7B42195B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 559147945FCDCA9A80E4C7E27F603A15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

150
Requests

99 %
HTTPS

55 %
IPv6

27
Domains

42
Subdomains

38
IPs

8
Countries

2141 kB
Transfer

5061 kB
Size

17
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://thucphamansinh.com/bao-gia
Title:

Search URL Search Domain Scan URL

URL: https://zalo.me/0967732911

Search URL Search Domain Scan URL

URL: https://maps.google.com/?q=KCN%20Nh%C6%A1n%20Tr%E1%BA%A1ch%202,%20Huy%E1%BB%87n%20Nh%C6%A1n%20Tr%E1%BA%A1ch,%20%C4%90%E1%BB%93ng%20Nai
Title: (Bản đồ)

Search URL Search Domain Scan URL

URL: https://lumar.vn/

Search URL Search Domain Scan URL

URL: https://sohot.vn/auctions/
Title: SOHOT

Search URL Search Domain Scan URL

URL: http://online.gov.vn/HomePage/WebsiteDisplay.aspx?DocId=218
Title:

Search URL Search Domain Scan URL

URL: http://www.webtretho.com/
Title: Webtretho

Search URL Search Domain Scan URL

URL: http://www.tinhte.vn/
Title: Tinh tế

Search URL Search Domain Scan URL

URL: https://www.haravan.com/
Title: Haravan

Search URL Search Domain Scan URL

URL: http://www.sohot.vn/
Title: Sohot

Search URL Search Domain Scan URL

URL: https://xe360.com/
Title: Xe 360

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Forum software by XenForo™ ©2010-2015 XenForo Ltd.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://hal900027.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=0ccc50a25b&subid=&uid=c767a646a65f102c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8471842244110741643%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_cid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&ancestorOrigins=https%3A%2F%2Fwww.5giay.vn&random=3802517088951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=0ccc50a25b&subid=&uid=c767a646a65f102c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8471842244110741643%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_cid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&ancestorOrigins=https%3A%2F%2Fwww.5giay.vn&random=3802517088951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 97

https://www.awin1.com/cshow.php?s=2524213&v=11690&q=377451&r=414915&pref1=80190100077030901060216011631027&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=7da89aa0-d1cb-11eb-baa4-692d0214a5e5&v=11690&r=414915&q=377451&s=2524213&viewref=80190100077030901060216011631027&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=bcFmSNwtSyFj8cl6fn8v8CX8&pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV00ID HTTP 302
https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID

Request Chain 98

https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=80190100077030901060216011631027&pv=1 HTTP 302
https://www.conrad.ch/ztpv.php?insert=AW

Request Chain 109

https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=80190100077030901060216011631027&pv=0 HTTP 302
https://www.conrad.ch/affiliate/banner/logos_b2c/Conrad_Logo_120x60.jpg

150 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/ 100 KB
27 KB 920ms
485ms Document
text/html 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL

https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / nhatnguyet

Resource Hash

911b52291cf482680811e4da43ff6e00788c3dd3b4b84fcf4183f6224688a886

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.5giay.vn
:scheme: https
:path: /threads/viec-lam-kcn-nhon-trach-2.9614031/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding,User-Agent
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, max-age=0
set-cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; path=/; domain=www.5giay.vn; secure; httponly
x-frame-options: SAMEORIGIN
last-modified: Sun, 20 Jun 2021 13:29:05 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-xss-protection: 1
x-powered-by: nhatnguyet
strict-transport-security: max-age=86400
content-encoding: gzip

GET
H2 200 css.php
www.5giay.vn/ 122 KB
24 KB 516ms
511ms Stylesheet
text/css 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL

https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /

Resource Hash

2221aaf2e39930a9097ec771af514c48bfc2f16af906e6ffd712785e2161e5f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 06:07:53 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: Accept-Encoding Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: public
strict-transport-security: max-age=86400
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 custom-node-icons
www.5giay.vn/misc/ 10 KB
902 B 516ms
511ms Stylesheet
text/css 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL

https://www.5giay.vn/misc/custom-node-icons?d=1590029201

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /

Resource Hash

6430e607318020a047d21598ef9b639402b42226d60200b749af9c9fc02d63f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /misc/custom-node-icons?d=1590029201
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
last-modified: Thu, 21 May 2020 02:46:41 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: Accept-Encoding Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: public
strict-transport-security: max-age=86400
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 css.php
www.5giay.vn/ 56 KB
11 KB 515ms
508ms Stylesheet
text/css 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL

https://www.5giay.vn/css.php?css=bb_code,custom_login_bar_form,discussion_list,facebook,igo_home_page_css,jquery.qtip.min,kwm,login_bar,message,message_user_info,rightlistPrefixes,share_page,thread_view,tinhte_xentag,wf_default&style=11&dir=LTR&d=1623218873

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),

Reverse DNS

Software

Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /

Resource Hash

95fcd8743c078a55e9c221483971d598295b18e094a8d8e9d7ba06d1cdd67710

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:path: /css.php?css=bb_code,custom_login_bar_form,discussion_list,facebook,igo_home_page_css,jquery.qtip.min,kwm,login_bar,message,message_user_info,rightlistPrefixes,share_page,thread_view,tinhte_xentag,wf_default&style=11&dir=LTR&d=1623218873
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
last-modified: Wed, 09 Jun 2021 06:07:53 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: Accept-Encoding Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
cache-control: public
strict-transport-security: max-age=86400
expires: Wed, 01 Jan 2020 00:00:00 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
www.5giay.vn/js/jquery/ 94 KB
34 KB 328ms
321ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/js/jquery/jquery-1.11.0.min.js
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

:path: /js/jquery/jquery-1.11.0.min.js
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"563e7ebb-1787d"
last-modified: Sat, 07 Nov 2015 22:44:11 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 xenforo.js Show response
www.5giay.vn/js/xenforo/ 162 KB
53 KB 404ms
397ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/js/xenforo/xenforo.js?_v=06e28e09
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: e2a0c03792f12617d0b0e0478a19bb6c24ae3878c28665b94959313a0d86b3e4

Request headers

:path: /js/xenforo/xenforo.js?_v=06e28e09
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"563e7ebe-28947"
last-modified: Sat, 07 Nov 2015 22:44:14 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 jquery.qtip.min.js Show response
www.5giay.vn/js/phc/keywordmanagement/ 43 KB
17 KB 512ms
505ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/js/phc/keywordmanagement/jquery.qtip.min.js?_v=06e28e09
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: fbdb1a21b9aaba55221dd436f153fdd5cef1c5d66d50a3c48e87201c127768ce

Request headers

:path: /js/phc/keywordmanagement/jquery.qtip.min.js?_v=06e28e09
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"59c9bee4-acdd"
last-modified: Tue, 26 Sep 2017 02:43:48 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 kwm.js Show response
www.5giay.vn/js/phc/keywordmanagement/ 4 KB
1 KB 512ms
505ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/js/phc/keywordmanagement/kwm.js?_v=06e28e09
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 700ceb670397df8708ef627ba1e6cb378163d2650568572209916b5c9668f7ca

Request headers

:path: /js/phc/keywordmanagement/kwm.js?_v=06e28e09
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"59c9bee4-fab"
last-modified: Tue, 26 Sep 2017 02:43:48 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 jquery.number.min.js Show response
www.5giay.vn/js/five/ 6 KB
3 KB 511ms
505ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/js/five/jquery.number.min.js?_v=06e28e09
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: e54682a356915c846c7e786b7afd6d7e4dcb5ab7e8d8a77f27d0f11e6dee540a

Request headers

:path: /js/five/jquery.number.min.js?_v=06e28e09
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"55dfc889-188d"
last-modified: Fri, 28 Aug 2015 02:33:45 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 jquery.sticky.js Show response
www.5giay.vn/js/five/ 7 KB
2 KB 511ms
505ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/js/five/jquery.sticky.js?_v=06e28e09
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: c9dc8ec104c88f02b7247bceccae2023a665855ce57e2a3f714d1dfa62cb2262

Request headers

:path: /js/five/jquery.sticky.js?_v=06e28e09
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"556eaf25-1c03"
last-modified: Wed, 03 Jun 2015 07:39:17 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 main.js Show response
www.5giay.vn/js/five/ 4 KB
2 KB 511ms
505ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/js/five/main.js?_v=06e28e09
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: c3a4b99db229f080fcdc2f7ff698ab73e83c468916d35c25bd12fc5bd15be1b8

Request headers

:path: /js/five/main.js?_v=06e28e09
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"5daeb135-10b7"
last-modified: Tue, 22 Oct 2019 07:35:17 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 lazysizes.min.js Show response
www.5giay.vn/js/SV/LazyImageLoader/ 6 KB
3 KB 216ms
212ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/js/SV/LazyImageLoader/lazysizes.min.js
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: aa0e4c5ccd3dcd3d45529ab9fe9753acfdd53b79d4e2d265b54b670e3effaf54

Request headers

:path: /js/SV/LazyImageLoader/lazysizes.min.js
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
etag: W/"563ae681-16f9"
last-modified: Thu, 05 Nov 2015 05:17:53 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 mBanner.css
www.5giay.vn/igo/changebanner/ 225 B
380 B 509ms
505ms Stylesheet
text/css 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/igo/changebanner/mBanner.css
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 1fc44e8783752f4dfa6f4cfb77b091c97a37d72ce971bfdb2f63de81ce98a95a

Request headers

:path: /igo/changebanner/mBanner.css
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"56f8e468-e1"
last-modified: Mon, 28 Mar 2016 07:59:36 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 mBanner.js Show response
www.5giay.vn/igo/changebanner/ 10 KB
3 KB 510ms
505ms Script
application/x-javascript 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/igo/changebanner/mBanner.js
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: d9f42899eda68ee014cf0cc8c0eede9a2373c880370593e560d4b783d300aa83

Request headers

:path: /igo/changebanner/mBanner.js
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"58258aaa-29b3"
last-modified: Fri, 11 Nov 2016 09:08:58 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba66abe847c018e4a18dfa8861724db879712627f056dd18918b0b04bd4d999d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "907 / 19 of 1000 / last-modified: 1624054126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21490
x-xss-protection: 0
expires: Sun, 20 Jun 2021 13:29:06 GMT

GET
H2 200 / Show response
banner.5giay.vn/ 0
259 B 676ms
239ms Script
text/html 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.5giay.vn/?module=ad&5giaycatid=53&position=c1
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
banner.5giay.vn/ 0
259 B 675ms
238ms Script
text/html 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.5giay.vn/?module=ad&5giaycatid=53&position=c2
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sticky-new.css
www.5giay.vn/igo/script/sticky_new/ 2 KB
735 B 508ms
505ms Stylesheet
text/css 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5giay.vn/igo/script/sticky_new/sticky-new.css
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: cb35afbba43badbe99bdc30448e3f4389c5b55a66888c50b75535e7b01c362b8

Request headers

:path: /igo/script/sticky_new/sticky-new.css
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
etag: W/"58084266-6c3"
last-modified: Thu, 20 Oct 2016 04:04:54 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Tue, 20 Jul 2021 13:29:05 GMT

GET
H2 200 lhnb.png
www.5giay.vn/styles/ 4 KB
4 KB 217ms
214ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/lhnb.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 282b202f82ac13a0ff5b11172db4e0c11e1bb413a63ce4bb996e1f8fb3e900dc

Request headers

:path: /styles/lhnb.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "5fcda53a-fbd"
last-modified: Mon, 07 Dec 2020 03:44:58 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4029
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 zalo.png
www.5giay.vn/igo/ 34 KB
34 KB 223ms
220ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/igo/zalo.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: b08a2176f5116bf9b7dc33c923711b288b9146d154270b307e1d904dd15bd863

Request headers

:path: /igo/zalo.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "5dae8fa6-8611"
last-modified: Tue, 22 Oct 2019 05:12:06 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34321
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 phone.png
www.5giay.vn/igo/ 7 KB
8 KB 233ms
230ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/igo/phone.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 838dae179316cb0fce03a58e751f34805eed97945085342ad0afd7ef81ea692f

Request headers

:path: /igo/phone.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "5daec8d2-1ded"
last-modified: Tue, 22 Oct 2019 09:16:02 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7661
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 / Show response
banner.5giay.vn/ 592 B
681 B 226ms
222ms Script
text/html 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.5giay.vn/?module=ad&5giaycatid=2&position=c6
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /
Resource Hash: ddd96a77c438ecbb6013cbff60c420e79f5c9beb851333474686e3366308cef0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 avatar_l.png
www.5giay.vn/styles/default/xenforo/avatars/ 27 KB
27 KB 240ms
238ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/xenforo/avatars/avatar_l.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: ac9dc46c9c11a0540dcd4c0e6319293b2d471f1fae4ae8edd5c72679117e0c97

Request headers

:path: /styles/default/xenforo/avatars/avatar_l.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "5594bdbd-6b09"
last-modified: Thu, 02 Jul 2015 04:27:41 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27401
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 cong-ty-cung-ung-lao-dong-min.jpg
www.bandatnendongnai.vn/wp-content/uploads/2021/06/ 95 KB
95 KB 726ms
241ms Image
image/jpeg 2001:19f0:7001:44f5:5400:1ff:fe84:87ce
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bandatnendongnai.vn/wp-content/uploads/2021/06/cong-ty-cung-ung-lao-dong-min.jpg
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:19f0:7001:44f5:5400:1ff:fe84:87ce , Japan, ASN20473 (AS-CHOOPA, US),
Reverse DNS
Software: Nginx / bandatnendongnai.vn
Resource Hash: abaaeb9e82c50bb0ab7ca67bd67bf0aae6df9f70b9f1ce03e47cc5d2086ca563

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 03:55:17 GMT
server: Nginx
x-powered-by: bandatnendongnai.vn
etag: "60bf71d5-17bb0"
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 97200
expires: Sat, 17 Jul 2021 03:55:17 GMT

GET
H2 200 hot.gif
www.5giay.vn/styles/default/igo/images/ 2 KB
2 KB 245ms
242ms Image
image/gif 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/igo/images/hot.gif
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: d6d32db1c76006216ef7c7cfcd03fbb81fedc45b1bbe8f422ac3575c8b88e571

Request headers

:path: /styles/default/igo/images/hot.gif
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "555e8dd0-865"
last-modified: Fri, 22 May 2015 02:00:48 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2149
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 avatar_default_106x80.png
www.5giay.vn/igo/avatar/ 2 KB
3 KB 246ms
244ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/igo/avatar/avatar_default_106x80.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 2d2b6a37f9c1d811484c53489771fbcf7b7aef4626f6b2165440354299e3ada0

Request headers

:path: /igo/avatar/avatar_default_106x80.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "58dca4f7-99c"
last-modified: Thu, 30 Mar 2017 06:25:59 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2460
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 404 9614008.jpeg
www.5giay.vn/threads_thumb/062021/ 2 KB
3 KB 247ms
244ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/threads_thumb/062021/9614008.jpeg
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /
Resource Hash: 2d2b6a37f9c1d811484c53489771fbcf7b7aef4626f6b2165440354299e3ada0

Request headers

:path: /threads_thumb/062021/9614008.jpeg
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
etag: "58dca5f5-99c"
content-length: 2460
content-type: image/png

GET
H2 200 9614007.jpg
www.5giay.vn/threads_thumb/062021/ 106 KB
107 KB 253ms
251ms Image
image/jpeg 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/threads_thumb/062021/9614007.jpg
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 837bee1681357388d5f361f39b3fb3e5b5e7d6fd87d8e5334efa8c8483a28176

Request headers

:path: /threads_thumb/062021/9614007.jpg
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "60cec935-1a8e5"
last-modified: Sun, 20 Jun 2021 04:51:01 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 108773
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 9613948.png
www.5giay.vn/threads_thumb/062021/ 194 KB
195 KB 391ms
389ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/threads_thumb/062021/9613948.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 7f548614fb0d9da5631e5b5b7aa8cb239a253863e0f18361efd82f057bc4b258

Request headers

:path: /threads_thumb/062021/9613948.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "60cddd70-3091e"
last-modified: Sat, 19 Jun 2021 12:05:04 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 198942
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 9613909.png
www.5giay.vn/threads_thumb/062021/ 77 KB
77 KB 403ms
400ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/threads_thumb/062021/9613909.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 06a379838288813c47c75235a2ad2172c5b285b216a9063f4bdeac38bb45dde2

Request headers

:path: /threads_thumb/062021/9613909.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "60cdb956-1346a"
last-modified: Sat, 19 Jun 2021 09:31:02 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 78954
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2060/ 35 KB
13 KB 141ms
51ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/2060/smart.js
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 278a9c0226f322fb6adc8c06e28d79607cc5427729dafbf93c157e2b6b874277

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:06 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 12626
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 lumarpaint.jpg
www.5giay.vn/igo/ 48 KB
48 KB 403ms
401ms Image
image/jpeg 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/igo/lumarpaint.jpg
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 41cf42a81152182b9a092d827ced8f46e735bb862584096650262796739264d3

Request headers

:path: /igo/lumarpaint.jpg
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "60adb025-bfb9"
last-modified: Wed, 26 May 2021 02:19:17 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49081
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 / Show response
banner.5giay.vn/ 0
259 B 251ms
247ms Script
text/html 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.5giay.vn/?module=ad&5giaycatid=53&position=c3
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
banner.5giay.vn/ 612 B
693 B 227ms
223ms Script
text/html 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.5giay.vn/?module=ad&5giaycatid=0&position=h5
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /
Resource Hash: fab9c53c7aa7bf77de0c5c4bdde77e3656257834222167298826edb91f27db39

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
banner.5giay.vn/ 0
258 B 260ms
256ms Script
text/html 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.5giay.vn/?module=ad&5giaycatid=0&position=h4
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
vary: User-Agent
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 logo_noel_mobile.png
www.5giay.vn/igo/images/ 4 KB
4 KB 403ms
401ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/igo/images/logo_noel_mobile.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 7af81501a5cb5656e36fb8ed0370dbc645b6e16194fc377713109683b248597e

Request headers

:path: /igo/images/logo_noel_mobile.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "59a8d933-1081"
last-modified: Fri, 01 Sep 2017 03:51:15 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4225
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 logo_noel.png
www.5giay.vn/igo/images/ 15 KB
15 KB 403ms
401ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/igo/images/logo_noel.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 18ba50dd291f3d14735bc14a85de7c014ce783c7c85819d7776eab7ed4da203e

Request headers

:path: /igo/images/logo_noel.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "5902c954-3a4f"
last-modified: Fri, 28 Apr 2017 04:47:16 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14927
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 logo-congthuong.png
www.5giay.vn/igo/trangchu/5s/ 5 KB
6 KB 403ms
401ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/igo/trangchu/5s/logo-congthuong.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: f47c6b0310ec5a450b4f2a9789e08b673bd6d9e22fe39fbf4011c1dff200cd70

Request headers

:path: /igo/trangchu/5s/logo-congthuong.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "5254da2d-15c1"
last-modified: Wed, 09 Oct 2013 04:23:09 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5569
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1829
date: Sun, 20 Jun 2021 12:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 20 Jun 2021 14:58:37 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=849351829&t=pageview&_s=1&dl=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&ul=en-us&de=UTF-8&dt=Vi%E1%BB%87c%20l%C3%A0m%20KCN%20Nh%C6%A1n%20Tr%E1%BA%A1ch%202%20%7C%205giay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=754609246&gjid=1711562480&cid=1164137160.1624195746&tid=UA-1232876-8&_gid=1027664626.1624195746&_r=1&_slc=1&z=1999737411

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.5giay.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-1232876-8&cid=1164137160.1624195746&jid=754609246&gjid=1711562480&_gid=1027664626.1624195746&_u=IEBAAEAAAAAAAC~&z=2080008289

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Jun 2021 13:29:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.5giay.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
114 KB 63ms
62ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Sun, 20 Jun 2021 13:29:06 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1232876-8&cid=1164137160.1624195746&jid=754609246&_u=IEBAAEAAAAAAAC~&z=326393629

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-1232876-8&cid=1164137160.1624195746&jid=754609246&_u=IEBAAEAAAAAAAC~&z=326393629

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 category-23px-light.png
www.5giay.vn/styles/default/xenforo/gradients/ 1 KB
1 KB 319ms
318ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/xenforo/gradients/category-23px-light.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 4cc4cae0bb86846428c4d8471ec2cd1627e7df4ce1fc4e4bb11c94cf557f9c8e

Request headers

:path: /styles/default/xenforo/gradients/category-23px-light.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "55603a6c-430"
last-modified: Sat, 23 May 2015 08:29:32 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1072
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 xenforo-ui-sprite.png
www.5giay.vn/styles/default/xenforo/ 9 KB
9 KB 319ms
318ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/xenforo/xenforo-ui-sprite.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 9df364139c1fc38b2caab474d596a71c601c8bf5ee5a3e95681f1b877cd1d4ca

Request headers

:path: /styles/default/xenforo/xenforo-ui-sprite.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "58379b70-24bf"
last-modified: Fri, 25 Nov 2016 02:01:20 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9407
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.5giay.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.5giay.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
5 KB 298ms
298ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3543847824324645&correlator=3876425842934884&output=ldjh&impl=fif&eid=31061502&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=21622890900%2CVN_5giay.vn_res_home_mid1_728x90%2C320x100%2C320x50%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1624195745&dt=1624195746333&dlt=1624195745445&idt=841&frm=20&biw=1600&bih=1200&oid=3&adxs=302&adys=532&adks=887385340&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=782x0&msz=782x0&ga_vid=1164137160.1624195746&ga_sid=1624195746&ga_hid=849351829&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7a97d3aa73aaebbf6aa3b525310b05027369a42101503afb89cb43106c4fe18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4653
x-xss-protection: 0
google-lineitem-id: 4924916588
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257641633
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.5giay.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 tab-selected-light.png
www.5giay.vn/styles/default/xenforo/gradients/ 1006 B
1 KB 212ms
211ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/xenforo/gradients/tab-selected-light.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=bb_code,custom_login_bar_form,discussion_list,facebook,igo_home_page_css,jquery.qtip.min,kwm,login_bar,message,message_user_info,rightlistPrefixes,share_page,thread_view,tinhte_xentag,wf_default&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: c5097da42217e110eb92e74d0834e712ea85c4795f54125cab5cd1c3d46103f7

Request headers

:path: /styles/default/xenforo/gradients/tab-selected-light.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=bb_code,custom_login_bar_form,discussion_list,facebook,igo_home_page_css,jquery.qtip.min,kwm,login_bar,message,message_user_info,rightlistPrefixes,share_page,thread_view,tinhte_xentag,wf_default&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=bb_code,custom_login_bar_form,discussion_list,facebook,igo_home_page_css,jquery.qtip.min,kwm,login_bar,message,message_user_info,rightlistPrefixes,share_page,thread_view,tinhte_xentag,wf_default&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "55603a6d-3ee"
last-modified: Sat, 23 May 2015 08:29:33 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1006
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 gradient_tcat.gif
www.5giay.vn/igo/images/gradients/ 4 KB
4 KB 212ms
212ms Image
image/gif 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/igo/images/gradients/gradient_tcat.gif
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=bb_code,custom_login_bar_form,discussion_list,facebook,igo_home_page_css,jquery.qtip.min,kwm,login_bar,message,message_user_info,rightlistPrefixes,share_page,thread_view,tinhte_xentag,wf_default&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: f818ad01616fcee8e2486a56ac41a4d8de9a569898af6e888432d954be9c951a

Request headers

:path: /igo/images/gradients/gradient_tcat.gif
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=bb_code,custom_login_bar_form,discussion_list,facebook,igo_home_page_css,jquery.qtip.min,kwm,login_bar,message,message_user_info,rightlistPrefixes,share_page,thread_view,tinhte_xentag,wf_default&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=bb_code,custom_login_bar_form,discussion_list,facebook,igo_home_page_css,jquery.qtip.min,kwm,login_bar,message,message_user_info,rightlistPrefixes,share_page,thread_view,tinhte_xentag,wf_default&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "48b3605d-f7f"
last-modified: Tue, 26 Aug 2008 01:46:05 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3967
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 485 B
284 B 413ms
413ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3543847824324645&correlator=3876425842934884&output=ldjh&impl=fif&eid=31061502&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=21622890900%2CVN_5giay.vn_res_article_below2_728x90%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1624195745&dt=1624195746395&dlt=1624195745445&idt=841&frm=20&biw=1600&bih=1200&oid=3&adxs=302&adys=1832&adks=62352956&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=782x0&msz=782x0&ga_vid=1164137160.1624195746&ga_sid=1624195746&ga_hid=849351829&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1ef88a18c24212613b3ee105a29600d8475f567bd2923ed9da395c5b9323cc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.5giay.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bgntp1.png
www.5giay.vn/styles/default/five/ 4 KB
4 KB 213ms
213ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/five/bgntp1.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: dd216406fd85fbc36271fb0b5eff74d4d5cf4c16ab5e4dff460725d5f308d581

Request headers

:path: /styles/default/five/bgntp1.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "556dd0b6-10ae"
last-modified: Tue, 02 Jun 2015 15:50:14 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4270
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 ac Show response
adnetwork.adasiaholdings.com/ 22 B
1 KB 1420ms
378ms Script
application/javascript 47.74.174.177
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://adnetwork.adasiaholdings.com/ac?nwid=2060&siteid=289655&pgid=1055810&fmtid=44269&async=1&visit=m&tmstp=277307291&tag=sas_44269&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2060/smart.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.74.174.177 Singapore, Singapore, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e44c51c44d98e56e70bfdd2a2a9fe73171015812ac7cdb4ce599b66f92b8fde1

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:07 GMT
content-encoding: br
x-smrt-d: 8%3b5%3b68
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
content-type: application/javascript; charset=UTF-8

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
6 KB 598ms
598ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3543847824324645&correlator=3876425842934884&output=ldjh&impl=fif&eid=31061502&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=21622890900%2CVN_5giay.vn_pc_home_right3_sticky_160x600%2C120x600&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=160x600%7C120x600&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1624195745&dt=1624195746412&dlt=1624195745445&idt=841&frm=20&biw=1600&bih=1200&oid=3&adxs=1094&adys=553&adks=1309965797&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=205x0&msz=205x0&ga_vid=1164137160.1624195746&ga_sid=1624195746&ga_hid=849351829&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c1263a7aec844385314a037cee8d4fc86cd7820731f92fb55ed93dd63184f2f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213196
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6331
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 321289
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.5giay.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.5giay.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.5giay.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 754ms
753ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3543847824324645&correlator=3876425842934884&output=ldjh&impl=fif&eid=31061502&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210620&iu_parts=21622890900%2CVN_5giay.vn_pc_cate_right1_sticky_160x600%2C120x600&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=160x600%7C120x600&prev_scp=ad_group%3Dad_ex2&cookie_enabled=1&bc=31&abxe=1&lmt=1624195745&dt=1624195746421&dlt=1624195745445&idt=841&frm=20&biw=1600&bih=1200&oid=3&adxs=1455&adys=150&adks=3097972743&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=135x-1&msz=135x-1&ga_vid=1164137160.1624195746&ga_sid=1624195746&ga_hid=849351829&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ddccdf1a8d2226cf86856b2bf9e3b5a6788a2896cc8aabb9388dd79ec38cab50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4378
x-xss-protection: 0
google-lineitem-id: 4924916588
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257374956
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.5giay.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/vn_VI/sdk/ 259 KB
77 KB 81ms
68ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vn_VI/sdk/xfbml.customerchat.js

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7790e40a51728de2f4dab01e8eecee193ec134f1f6ccbb046af0ba261d4316e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IFgYajIdP9dA1K7PEZleTw==
cross-origin-resource-policy: cross-origin
expires: Sun, 20 Jun 2021 13:49:06 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78175
x-fb-rlafr: 0
x-fb-debug: /G2uMmkLAyz1BLJkJChk6Q38BKSm7hZtjghjQXb7SKNumeIxM9mHJ3OypVeJhgFDdZ9KouKuVoCgFMv3yI6txA==
x-fb-trip-id: 917726464
x-fb-content-md5: 8e82c1f30d228dbf7dc7548d5617376b
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Sun, 20 Jun 2021 13:29:06 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "97380da2d81c915f2ac6dccc34a4c707"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 search-icon.png
www.5giay.vn/styles/default/five/ 1 KB
1 KB 212ms
211ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/five/search-icon.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 73d6c99c3d1c1a532ec8034450f164809f8e28960456310b9fc74971a199c1c8

Request headers

:path: /styles/default/five/search-icon.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "569c8f48-488"
last-modified: Mon, 18 Jan 2016 07:07:52 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1160
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 nav-bg.gif
www.5giay.vn/styles/default/five/ 349 B
574 B 213ms
211ms Image
image/gif 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/five/nav-bg.gif
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: fb505e91c4af76a9e411b68657ae26ca6a24f009e1600feca40d27e3646ce74f

Request headers

:path: /styles/default/five/nav-bg.gif
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "556dd0b6-15d"
last-modified: Tue, 02 Jun 2015 15:50:14 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 349
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 navigation-tab.png
www.5giay.vn/styles/default/xenforo/gradients/ 1 KB
1 KB 213ms
211ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/xenforo/gradients/navigation-tab.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 08edf588670f7002d869ca63d5cf8edcde6ee5d80db55aad3faf0b942a34f10a

Request headers

:path: /styles/default/xenforo/gradients/navigation-tab.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "55603a6c-4d8"
last-modified: Sat, 23 May 2015 08:29:32 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1240
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 new.png
www.5giay.vn/styles/default/five/ 19 KB
19 KB 215ms
214ms Image
image/png 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/five/new.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 6d4fe55a88ade6347f8db044c0368e4f23983d19068b354bcf121efbc078ea1a

Request headers

:path: /styles/default/five/new.png
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "5575740a-4bb1"
last-modified: Mon, 08 Jun 2015 10:52:58 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19377
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 28ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/js/xenforo/xenforo.js?_v=06e28e09
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6711)
Age: 741
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 ajaxload.info_FFFFFF_facebook.gif
www.5giay.vn/styles/default/xenforo/widgets/ 723 B
947 B 212ms
212ms Image
image/gif 210.211.109.164
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.5giay.vn/styles/default/xenforo/widgets/ajaxload.info_FFFFFF_facebook.gif
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.164 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / cdn1
Resource Hash: 5a8f886ffb6afed6497f36d8940ab950086a2eb72fe82266f8ac96acc43a8de2

Request headers

:path: /styles/default/xenforo/widgets/ajaxload.info_FFFFFF_facebook.gif
pragma: no-cache
cookie: 5s_session=93a264e3f4054240665be70b7d3cf977; _ga=GA1.2.1164137160.1624195746; _gid=GA1.2.1027664626.1624195746; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.5giay.vn
referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.5giay.vn/css.php?css=xenforo,form,public&style=11&dir=LTR&d=1623218873
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
etag: "55603a70-2d3"
last-modified: Sat, 23 May 2015 08:29:36 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: cdn1
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 723
expires: Tue, 20 Jul 2021 13:29:06 GMT

GET
H2 200 tuyendung Show response
qc.5giay.vn/catalog_demo/sticky/ 1 KB
1 KB 701ms
236ms XHR
text/html 210.211.109.167
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://qc.5giay.vn/catalog_demo/sticky/tuyendung
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/js/jquery/jquery-1.11.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.167 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / PHP/5.6.40
Resource Hash: ba053094c3fce9fffd55a81c1ce057ebcca763cbe13ffe53be20346164062136

Request headers

Accept: */*
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:07 GMT
content-encoding: gzip
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.5giay.vn
access-control-allow-headers: *

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 63ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=363772567412181&ev=fb_page_view&dl=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&rl=&if=false&ts=1624195746536&sw=1600&sh=1200&at=

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 20 Jun 2021 13:29:06 GMT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 05BD 319 KB
103 KB 9ms
9ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.5giay.vn
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 234878
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Jun 2021 13:29:06 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 05BD 256 B
441 B 237ms
148ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a578a616ed9ecc91b65d7eb6f30ed1070b801949

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.5giay.vn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:05 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 13:29:06 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 10342d4a56c33a0b080f8e3d869150716a3e3df6f442c8d4bced0aeccf5a9fd3
content-length: 176

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E4E5 0
0 89ms
88ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDN7J43x5cGqc10I2gQm5me8bDhrerIneSf5bRqyDrXyCHPdk5LOA_afT-6qS5GBvogsk4x8oi-AuPpCRVXbAWb_Kgc1BR4FuVknlkaJ5F-sxdiWel7Ak5slNJikqlFfTFYoOpB_A4gP64SaflqWrAhzdY6yng5kohYAibgS-saMU2vcbyyHQi6h18_JrtU0ItKwrVc5o9drIjQ8OaoGYuWXKcqxovbm-_M2EXLvTjST9lMWDLfqELOGAcePcAq_9qYcQNAPSzCb_9ZcfUsOWhetryC-v5F3jaQu_csgLUPpsydrGaExO7FKgg5fmAv2L8PYGCToJs6XRGiooIGKqPb_kT4LFB0AAE0GXABhGyKfA84dfJ&sai=AMfl-YQBBbiaghJfSp7Cyna2ZVRZu9eK_OIelqpXacrpGixhM4iZT2-cBb-vZ62dg3AnGhA1eb21NzqFLHB-p_LgIzWzL2Og5sWQvR4V0R3j7-rtDyFaeYwoQgwMq7jc8hyA&sig=Cg0ArKJSzCb3qoxM22M2EAE&urlfix=1&adurl=

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 20 Jun 2021 13:29:06 GMT

GET
H/1.1 200
OK tfav_adl_152.js Show response
as.adlooxtracking.com/ads/js/ Frame E4E5 41 KB
41 KB 816ms
369ms Script
application/javascript 139.99.121.205
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://as.adlooxtracking.com/ads/js/tfav_adl_152.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.99.121.205 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: as04.adlooxtracking.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 81c821e746c88b6e6a291ae7e6927f541ec28c0029203cfb4ef0a90cf4deab1c

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:07 GMT
Last-Modified: Tue, 18 May 2021 20:24:49 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60a42291-a492"
Content-Type: application/javascript
Cache-Control: no-cache, max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42130

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4E5 122 KB
37 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 13:29:06 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:06 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Sun, 20 Jun 2021 13:29:06 GMT

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/6711)
Age: 234879
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.vi.html Show response
platform.twitter.com/widgets/ Frame CC7F 33 KB
13 KB 8ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.vi.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 0c087a12ce385494d56568b44022ef463be4176c2c0c137c1f14f1ce15cca3eb

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 234664
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Jun 2021 13:29:06 GMT
Etag: "b2f39b9976b8cfc8c723bb797ab43036+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:50 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12500

GET
DATA 200
OK truncated
/ Frame CC7F 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 container.html Show response
5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CBBF 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 20 Jun 2021 13:29:06 GMT
expires: Mon, 20 Jun 2022 13:29:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
375 B 153ms
152ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22vi%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1624195747037%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sun, 20 Jun 2021 13:29:07 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 10342d4a56c33a0b080f8e3d869150716a3e3df6f442c8d4bced0aeccf5a9fd3
x-transaction: 87606a3c8464ac3f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CBBF 0
0 90ms
90ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqDdtokLPYJbJMIHb3gOI74z4D7iZ86Jc6bXuu_oCwI23ARABIABglQKCARdjYS1wdWItOTA1ODI5MTg1NDQ0Mzg4McgBCeACAKgDAaoEnwJP0NHrszGycwMDEIcmaT7u4kcx6rF7qWqj28HmxQ7jjPkk-B20DZuc3hfzt4dyNTkL9oHiNsWzwWG2fewWmjsafFpvQpFMU-7SvfTqMsBearx4LOKgLYEq0s9_Q3jS9z3Ddw-kUohprToNrb0ORMd9qV2d7rDXv1jzA2HIS3twqaONSKaxYmQ9J4cMqlGuPY4hviWNEbIZw6UGP1371e9pI6wrweNiQ8d1RAjxpQLh1pL5PRlNW--JLbLkgtkSLcK2JgT3Zvmhc8dmy2P27iafXTzVkJ69OaseBCWKL86TeVJA42CMFu0QhaHsCdY9Rp51-F25yRaz4Ln3ODHhrC92eX6OarnR-FpTTXZidrzjgEkzOuSyVF6DiccBz8vIIuAEAYAG2-aG1oaLi46WAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB4qcsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi0xOTAwNzA4MTcwODcxNDU3gAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTkwNTgyOTE4NTQ0NDM4ODE&sigh=n1Ulcmd3mOw&tpd=AGWhJmssVfr_vAJjAMKlqWfCLN2lSIMSDFocsUL-H3hF_gmVQuaa6FKDO2Sl6Xr4m_Ch4P8VupLo1YntdirSsmZq98kpo147aZKsr8KNOzuyjWm8RqlRFgX7DnTCEjFj2ekicgN7Xu6sadq_3d9kCwPmEwUF3vucDEPWeUDTBJ8RWIBUoqd5cJJgCQudR_XmbiCYSk5y-urkqnrn-zFomKlYJ_26DBR1yyv4CrtXSdAoA0drZs2zL76buygG0VSFXhHkUEegOY68skaAqwUhOFf4_ZTH-fcrHPhyMF71Bv8v4EeGxYBiAvFxjicuH8EgjwEOYSqbLoBbaoeetPVBuJtN2RxEh38oypn96NLZMVLfnlI_hCG1tS0UKzxiIX0Z3F5iQuWiy3aUF_8RqyNP1xqcCBHEtGH2bIQaZ4gjEgianrcq8_EAurT5uDv4j9pEwfOLbL5_Gd061AqWUyVISaVWrjaA7a0x0zRUr2vHFZSnH2IBqfKGAZbCvk9E1qkxBENd9m9OgS7w3GW094BHjTlHAoxhhUIpSSiJZcuSVKpPZLgSF7HgoHtH7TKlqFVLN4mjgJ40kRMopPtye-IyPL19EjvyiKj8Zrp5yuAHnv2Mrc-nlDavmS5w3zxdxceBKUyRuOlOqJ57dwjnl6_1Wgj9Gi1lPKU9ADcxU1VCIoh3W3wACL1EhRlfHKrUtji3oNipTQvOC4mjMqg7MEdqlTAZYgyYjl060VFdmTqbjfR4GaO8WCt3h6jDiseBrIqjcvIhqEpXhTHoGarUSfkqwtw_YGQdVYiQR7bXRrXveMEtPtlCAbybP8Eaomk-Q3aIFket8PowLw8wfjFRuyEmYUkjAetaFNgSSWOT5f6_q2xBUoh_AtVQoFQGa5WRf1ycc4pSJOfW2NZj726C5JO_-aMbqhJWpILPJiopn7ykp_yt2N1u4KgTrWQMPIH63-niiUt-NdaREo0nJM-CwRyqz_0HPU5mVfvjfKDD8jHRu-ywX_Ndn9RE2c5CCcKGvNPMDK6LUYnstgKfrCCvab_7e2PZd0cryPvP_WhzYexXhwlYZbPtPcsKV8kZUTvki1o9PCwCXUDQeOJe2jqR5ftQy4MjIFE69j-eMEk6UYeI26veyrgHH4j_SN56fH7knju9UECK66-y5Qv1_kqgua_BwvXQLyeZ_b1C6oV-T1XdMTSvwvhwNCCZ2RbwkBKgF-ff4u8-63-nh-rFYeDJyAyMHVkaclDpqf93SNXG0d0WRZY1WSYD4yB5FHRgnI6JpCHw-OWL-EbnxGIc6iOMPJYYJ-qDoYH4y0uMC0tNsyKUdS5ee4nMNCqGxGFYwzj0a_lrGUenQODDo4gU4evSafmJEW4PHnZcAttw6rOBpU8mgGGEnEYBxh4G1zD-6FwPvo8dfxLE6SADw4Nmep4iJM_SA9qzFhqJkYGeAVuH3pZeEOtsqb7tn7BYV3uJTtMt-ID5liu8pQMdhFbA1Oa61s3A2SRqkjVzVjCC-Q7d0cqppDU4Qt5j7wr-c8RsN7DW89je-yJ29Wp1Xi_NP8kn76so
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame CBBF 2 KB
2 KB 199ms
67ms Script
application/x-javascript 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvTVRBelpqTXlNRFF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0NzE4NDIyNDQxMTA3NDE2NDMvNjg4MTM2MS80ODMwNjcyLzMvdVFFeVZzTFU5TjBhazh6R25QSVktSTYzWWE4TFJGWFBUSUtBb3lHV1pNRS8xLzMvMC8wLzk2MjQzMS8xNTA1NDY5Njk2LzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDcxODQyMjQ0MTEwNzQxNjQzL3pyaC8wLzY2LzY0Lzk5OS8yLzg5LjE4Ny4xNjUuMC8wLjAwMC8xNjI0MTk1NzQ2LzE2MjQyMDgzNDYvMy8xNTcyNjcv/eywvEjS-LHDqg_Tk2Ozo4P2cJsU&nodeid=2803&group=eu&auctionid=8471842244110741643&sid=4830672&cid=6881361&price=0.029919&bp=a_aefiia&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.66&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%3D%3D_url%3D
Requested by: Host: 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
URL: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.200.1 /
Resource Hash: ffbae82bacf1c3222a9cbde314e23b598fb0332e163206925d728a40c99f4e7d

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:28:58 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1624195746
Last-Modified: Sun, 20 Jun 2021 13:29:06 GMT
Server: MMBD/3.200.1
x-mm-latency: 2 (2)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x80, zrh-bidder-x158
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sun, 20 Jun 2021 13:28:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame CBBF 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
URL: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 13:28:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBBF 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
URL: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 13:29:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame CBBF 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
URL: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 13:27:01 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CBBF 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
URL: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:57:29 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6FA 0
0 88ms
88ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA0aRNQlrTGJ9uK9LGDupXuzgGzgu1d8c4xGYoAvrrrm_Zc6azNxl9fMuCMhE46HVS1UJERkmmllUkgLhq5P5p3RitYWX4MenmVu-X4u71uygcXleqp1VTTlg1QDSkcXV8zWbK0ENr_atjOaGnZBYZA_Foz1h04gPwcDUavjIHFPfSzv86JS1lpjqqwjMT4k2DP3pyqECQp4dLZFLRINbEppV6MxDFE-xNABuKS8OSSnz7NayUq3UIpzq4hTjbLCEzGXaX3oUNOdFGInEQaVViEuD67tEX7voBEmxWauUNnjzy7tW_SwYIO9agpvGdJcWkRZM8DWY5CsDxRNvkS73CyjNYtQ&sai=AMfl-YSrMYdKfA6EygcA70tn_BaFdY9m6NSvBW6p_Q4YDDBio01Uh8OJMaFj6hVf_hO2Riy3SRwZDPBMDfDc9r-dBmSnLNvM5yaNoP7xdJWz5gY6-CPC59rCt56vcAwMhxFy&sig=Cg0ArKJSzK02olvjrcIrEAE&urlfix=1&adurl=

Requested by

Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK tfav_adl_152.js Show response
as.adlooxtracking.com/ads/js/ Frame F6FA 41 KB
41 KB 800ms
382ms Script
application/javascript 139.99.121.205
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://as.adlooxtracking.com/ads/js/tfav_adl_152.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.99.121.205 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: as04.adlooxtracking.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1e6a8de32f3549cbc9f1c37130992e3505b087fd5050de4a4378ebb86712e165

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:07 GMT
Last-Modified: Thu, 20 May 2021 08:58:24 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60a624b0-a492"
Content-Type: application/javascript
Cache-Control: no-cache, max-age=60
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42130

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6FA 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:07 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sun, 20 Jun 2021 13:29:07 GMT

GET
H2 200 sticky-1683.png
qc.5giay.vn/sticky_thumb/1584/1683/ 12 KB
13 KB 640ms
214ms Image
image/png 210.211.109.167
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qc.5giay.vn/sticky_thumb/1584/1683/sticky-1683.png
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.109.167 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: Nhat Nguyet Websphere 12.3 build 3.456.234.2600 / nhatnguyet-
Resource Hash: b286b503fac03a393afcc7af0e0e79e39ddffe9d6f9abe243fa579dcfe5e5292

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:07 GMT
etag: "6090be38-3105"
last-modified: Tue, 04 May 2021 03:23:36 GMT
server: Nhat Nguyet Websphere 12.3 build 3.456.234.2600
x-powered-by: nhatnguyet-
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 12549
expires: Tue, 20 Jul 2021 13:29:07 GMT

GET
H/1.1 200
OK v0ze6hqos4es Show response
hal9000.redintelligence.net/zone/ Frame CBBF 10 KB
3 KB 224ms
75ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/v0ze6hqos4es?subid=&rnd=8471842244110741643&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8471842244110741643%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_cid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D
Requested by: Host: www.5giay.vn
URL: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e52aa66ea29c95d331ce0ee4ee3987937bfbe49a2adecca66ecc021a6e90a803

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3109
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame CBBF 49 B
330 B 188ms
64ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8471842244110741643&node_id=2803&exch_id=3
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvTVRBelpqTXlNRFF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0NzE4NDIyNDQxMTA3NDE2NDMvNjg4MTM2MS80ODMwNjcyLzMvdVFFeVZzTFU5TjBhazh6R25QSVktSTYzWWE4TFJGWFBUSUtBb3lHV1pNRS8xLzMvMC8wLzk2MjQzMS8xNTA1NDY5Njk2LzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDcxODQyMjQ0MTEwNzQxNjQzL3pyaC8wLzY2LzY0Lzk5OS8yLzg5LjE4Ny4xNjUuMC8wLjAwMC8xNjI0MTk1NzQ2LzE2MjQyMDgzNDYvMy8xNTcyNjcv/eywvEjS-LHDqg_Tk2Ozo4P2cJsU&nodeid=2803&group=eu&auctionid=8471842244110741643&sid=4830672&cid=6881361&price=0.029919&bp=a_aefiia&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.66&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%3D%3D_url%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.200.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:28:58 GMT
Server: MMBD/3.200.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x69, zrh-bidder-x158
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 20 Jun 2021 13:28:57 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame CBBF 43 B
360 B 145ms
56ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=3&v2=8471842244110741643&v3=655130&v4=4830672&v5=6881361&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvTVRBelpqTXlNRFF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0NzE4NDIyNDQxMTA3NDE2NDMvNjg4MTM2MS80ODMwNjcyLzMvdVFFeVZzTFU5TjBhazh6R25QSVktSTYzWWE4TFJGWFBUSUtBb3lHV1pNRS8xLzMvMC8wLzk2MjQzMS8xNTA1NDY5Njk2LzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDcxODQyMjQ0MTEwNzQxNjQzL3pyaC8wLzY2LzY0Lzk5OS8yLzg5LjE4Ny4xNjUuMC8wLjAwMC8xNjI0MTk1NzQ2LzE2MjQyMDgzNDYvMy8xNTcyNjcv/eywvEjS-LHDqg_Tk2Ozo4P2cJsU&nodeid=2803&group=eu&auctionid=8471842244110741643&sid=4830672&cid=6881361&price=0.029919&bp=a_aefiia&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.66&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%3D%3D_url%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3759 5f8f15b master cdg-pixel-x28 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:07 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 20 Jun 2021 13:28:31 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame CBBF 49 B
330 B 187ms
63ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=pub&bid=8471842244110741643&st=4830672&time=1624195747&nodeid=2803
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=pub&s_exch=pub&id=5aW95q2jLzIzLyAvTVRBelpqTXlNRFF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0NzE4NDIyNDQxMTA3NDE2NDMvNjg4MTM2MS80ODMwNjcyLzMvdVFFeVZzTFU5TjBhazh6R25QSVktSTYzWWE4TFJGWFBUSUtBb3lHV1pNRS8xLzMvMC8wLzk2MjQzMS8xNTA1NDY5Njk2LzIxNjUzNi82NTUxMzAvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDcxODQyMjQ0MTEwNzQxNjQzL3pyaC8wLzY2LzY0Lzk5OS8yLzg5LjE4Ny4xNjUuMC8wLjAwMC8xNjI0MTk1NzQ2LzE2MjQyMDgzNDYvMy8xNTcyNjcv/eywvEjS-LHDqg_Tk2Ozo4P2cJsU&nodeid=2803&group=eu&auctionid=8471842244110741643&sid=4830672&cid=6881361&price=0.029919&bp=a_aefiia&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.66&3pck=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%3D%3D_url%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.200.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:28:58 GMT
Server: MMBD/3.200.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x73, zrh-bidder-x158
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 20 Jun 2021 13:28:57 GMT

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame CBBF
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=0ccc50a25b&subid=&uid=c767a646a65f102c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=0ccc50a25b&subid=&uid=c767a646a65f102c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

286ms
137ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=0ccc50a25b&subid=&uid=c767a646a65f102c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8471842244110741643%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_cid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&ancestorOrigins=https%3A%2F%2Fwww.5giay.vn&random=3802517088951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
URL: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 9316d990b7d9d6d6687f3c9843e260fdc6be615beeaeeb756912c51246629164

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 13:29:07 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 80190100077030901060216011631027
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 794
Expires: Sun, 20 Jun 2021 14:29:07 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jun 2021 13:29:07 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=0ccc50a25b&subid=&uid=c767a646a65f102c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8471842244110741643%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_cid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&ancestorOrigins=https%3A%2F%2Fwww.5giay.vn&random=3802517088951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 20 Jun 2021 14:29:07 +0200

GET
DATA 200
OK truncated
/ Frame E4E5 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fc687134456044b0e5deb7e0fe9932f3dea3c23fc24152a7d83b7498b99d8da

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E4E5 0
0 144ms
86ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTXrpPTFKZ57-uBwqXMFwVDpu97brKrWdwWymi7fH-AfRd9qX8O6Ni5M3RpQ0tnT9MWzAWSX97Dsa1clq4GVTJj6iIDuLYq1m7hM5F7u9FjJoXsFlXnk1ErZpDIBDNsp2rBNGbSr4u4SWR_rKOoIaJiDwUDGzMc8KZFQWmgMKOyxgGrvFvL-kWSv1XSYB-DWR0XdTRYB0Kky1GCcqfLRNSQQoFKUDnYZOk9wFKRYoObL3nuKLFwoWHOjMo2ukMUAslwO5IC7f-Q04DXg6NTSpQZypu0uDsQYczH0S_l__MPrvRHGJ_JCX0whNtK01ewIRehkjzt1KlzcJP_IVP31BtlZqHBhipln7_uvHAWiv294T8ND3Dcxc&sai=AMfl-YQNCYwgZ1hNDiXnl5TvOsdTAcKyNoAeKrHQgivL_DiyKi9Q2i8-oZh2Bbv4E1ImHY8Z1v65JYjsFRFDvIA4MYBgvXdAxYOEnPDr9Eskgo3SqHOLkgKYMPC9M9ybFot1&sig=Cg0ArKJSzCVTVRaxd2JBEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 20 Jun 2021 13:29:07 GMT

POST
H2 200 ic5.php
data00.adlooxtracking.com/ads/ Frame E4E5 1 B
420 B 174ms
68ms Ping
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?adloox_io=1&seq=0&campagne=152&banniere=0&plat=78&adloox_transaction_id=null&bp=&visite_id=28982619905&client=adasia&ctitle=&os=&navigateur=&appname=Netscape&timezone=-120&fai=google_ads_iframe_%2F21622890900%2FVN_5giay.vn_res_home_mid1_728x90%2F%2F320x100%2F%2F320x50%2F%2F300x250%2F%2F336x280_0%40https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&data=-813568601ttttttttffffffttttftffffffffttttf&js=tfav_adl_152.js&commitid=5e1985b&fw=1&version=log&iframe=3&hadnxs=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&url_referrer=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&resolution=1600x1200&nb_cpu=16&nav_lang=en-US&date_regen=2021-05-18%2021%3A21%3A18&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20location.href%20&ao=https%3A%2F%2Fwww.5giay.vn&fake=000000&type_crea=2&tagid=95&id11=&id1=4423307908&id2=2469850497&id3=21785946636&id4=21621840631&id5=138257641633&id20=5e1985b
Requested by: Host: as.adlooxtracking.com
URL: https://as.adlooxtracking.com/ads/js/tfav_adl_152.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.19
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 13:29:07 GMT
content-encoding: gzip
access-control-allow-origin: https://www.5giay.vn
x-powered-by: PHP/7.4.19
route: ads-prod-68c5cc8796-w7r8j
alt-svc: clear
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

GET
H/1.1 200
OK Cookie set cshow.php Show response
www.awin1.com/ Frame 4CDF 43 B
703 B 145ms
56ms Document
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2854460&v=14114&q=410438&r=414915&pref1=80190100077030901060216011631027&pv=1

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=0ccc50a25b&subid=&uid=c767a646a65f102c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8471842244110741643%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_cid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&ancestorOrigins=https%3A%2F%2Fwww.5giay.vn&random=3802517088951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Host: www.awin1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/

Response headers

Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Content-Type: image/gif
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Content-Length: 43
Date: Sun, 20 Jun 2021 13:29:08 GMT
Connection: keep-alive
Set-Cookie: awpv14114=414915|1624195748|7da8e8c1-d1cb-11eb-9de5-692d0c580a00;domain=.awin1.com;path=/;expires=Tuesday, 20-Jul-2021 13:29:08 UTC;Secure;SameSite=None AWSESS=410438:2854460;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H2

200

aff_c.html Show response
www.parship.ch/lp/v00/ Frame 8C9D
Redirect Chain

https://www.awin1.com/cshow.php?s=2524213&v=11690&q=377451&r=414915&pref1=80190100077030901060216011631027&pv=1
https://www.zenaps.com/cshow.php?pvr=7da89aa0-d1cb-11eb-baa4-692d0214a5e5&v=11690&r=414915&q=377451&s=2524213&viewref=80190100077030901060216011631027&pv=1
https://trf.greatviews.de/cl?m315=c&q=bcFmSNwtSyFj8cl6fn8v8CX8&pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV00ID
https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID

724 B
1018 B

173ms
130ms

Document
text/html

2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30e921bae19f924397faac9545bd37cd5c72e38798aa7b0235962d5155e77b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.parship.ch
:scheme: https
:path: /lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-type: text/html
last-modified: Fri, 18 Jun 2021 04:04:09 GMT
vary: Accept-Encoding,User-Agent
p3p: CP="ALL CUR OUR STP UNI PUR"
set-cookie: peg_session=!B8OLseE7jjPEinrrPv2rol1qxN8Mh83wg3LghKOHwFlJqC9zwtvUXzboYsuu7APw3uPLP29jj0p3QY8=; path=/; Httponly; Secure __cf_bm=59754fe63759e7f704212716495bb2f2f2723ab3-1624195748-1800-Ae5p8EuZ+Tdp49HRMswQQ7EK8RzCjKp00XGbcO3LeWX2518+o/kTHV4YcIQ2lCTo5e5TR+8lKz7jbEKvNeMxn4M=; path=/; expires=Sun, 20-Jun-21 13:59:08 GMT; domain=.www.parship.ch; HttpOnly; Secure; SameSite=None
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
cf-request-id: 0acb356ab800001f19d7b92000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 662558245f241f19-FRA
content-encoding: br

Redirect headers

server: nginx
date: Sun, 20 Jun 2021 13:28:57 GMT
content-type: text/html; charset=UTF-8
location: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
set-cookie: ads_si=a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%2277792fd2-d1cb-11eb-8acb-00155def0803%22%3Bs%3A3%3A%22sit%22%3Bi%3A1624282137%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D; path=/; secure; HttpOnly; SameSite=None cjcookie=a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj77794f3a-d1cb-11eb-8acb-00155def0803%22%3Bs%3A6%3A%22expire%22%3Bi%3A1687267737%3B%7D; expires=Tue, 20-Jun-2023 13:28:57 GMT; Max-Age=63072000; path=/; secure; SameSite=None mcookie=a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%2277792f6e-d1cb-11eb-8acb-00155def0803%22%3Bs%3A11%3A%22click_12791%22%3Bs%3A57%3A%221624195737%25%255529584%25%2577792eb0-d1cb-11eb-8acb-00155def0803%22%3Bs%3A6%3A%22expire%22%3Bi%3A1639747737%3B%7D; expires=Fri, 17-Dec-2021 13:28:57 GMT; Max-Age=15552000; path=/; secure; HttpOnly; SameSite=None ads_pu=a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1624800537%3B%7D; expires=Sun, 27-Jun-2021 13:28:57 GMT; Max-Age=604800; path=/; secure; HttpOnly; SameSite=None ads_ps=a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D; path=/; secure; HttpOnly; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server-id: 13
x-robots-tag: noindex, nofollow
access-control-allow-origin: *

GET
H2

200

ztpv.php Show response
www.conrad.ch/ Frame 4946
Redirect Chain

https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=80190100077030901060216011631027&pv=1
https://www.conrad.ch/ztpv.php?insert=AW

3 B
762 B

143ms
105ms

Document
text/html

2606:4700::6810:8860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.ch/ztpv.php?insert=AW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8860 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.ch
:scheme: https
:path: /ztpv.php?insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-type: text/html; charset=UTF-8
server-timing: intid;desc=aa853a49efd6974a intid;desc=71cca4174d3a43a4
cache-control: no-cache
expires: -1
set-cookie: HTLP_timestamp=1624195748; expires=Fri, 25-Jun-2021 13:29:08 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=AW; expires=Fri, 25-Jun-2021 13:29:08 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=6553d691d82fcb02678d183aa76ad13d7b9780e6-1624195748-1800-ARYRbr3xA+lBCPz482bi91YBKceGGKQUYgDlZ9vYTMkKPFSADQku3aqbBIzs6aT2OLepCR8r5gv0E48ltzo5Y+Y=; path=/; expires=Sun, 20-Jun-21 13:59:08 GMT; domain=.www.conrad.ch; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age: 0
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
cf-request-id: 0acb356980000097f08e169000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 662558226cc397f0-FRA
content-encoding: br

Redirect headers

Location: https://www.conrad.ch/ztpv.php?insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Sun, 20 Jun 2021 13:29:08 GMT
Connection: keep-alive
Set-Cookie: awpv11467=414915|1624195748|7da89aa0-d1cb-11eb-8847-692d0cc96476;domain=.awin1.com;path=/;expires=Sunday, 27-Jun-2021 13:29:08 UTC;Secure;SameSite=None AWSESS=346432:2246412;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame 8381 7 KB
2 KB 217ms
72ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=v0ze6hqos4es&nw=20&renderingType=javascript&namespace=0ccc50a25b&subid=&uid=c767a646a65f102c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8471842244110741643%26mt_id%3D6881361%26mt_adid%3D216536%26mt_sid%3D4830672%26mt_exid%3D3%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_cid%3D12a960cf-42a3-4a01-8dd3-b7b70f564957%26mt_3pck%3Dhttps%253A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%253FclickData%253DJnB1YklkPTE1NzI2NyZzaXRlSWQ9NTUwODA1JmFkSWQ9MTk1MDY2OSZrYWRzaXplaWQ9MTAmdGxkSWQ9MCZjYW1wYWlnbklkPTE2NzM1JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDQzMjMxNjc3OTA1MDM2NTkwMiZhZFNlcnZlcklkPTI0MyZpbXBpZD1BQTczNDY2Mi03Qjg0LTQyMkUtODVDQS01NUMwNkI2NjE1REMmcGFzc2JhY2s9MA%253D%253D_url%253D%26redirect%3D&documentReferer=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&ancestorOrigins=https%3A%2F%2Fwww.5giay.vn&random=3802517088951&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: fb3fa445a14328f3670897ce069c60921549c6d6213c3b6feec5763cb1447c60

Request headers

Host: hal900027.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=fcca06cd07dfbdfd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/

Response headers

Date: Sun, 20 Jun 2021 13:29:08 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 20 Jun 2021 14:29:08 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2077
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 48A2 38 KB
14 KB 137ms
44ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: 5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
URL: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=25606
expires: Sun, 20 Jun 2021 20:35:54 GMT
date: Sun, 20 Jun 2021 13:29:08 GMT
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame CBBF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f85f0fea8a806a30c7f4ac2750cec795f7ecebc34a7876593ae1231161cc6b86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F6FA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb96f297567f4aa0b829fb9774679b16fe9eca4bbca718bee00a935e4f0124bb

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6FA 0
0 86ms
86ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssf0376sQKh3NYmYvgwKypOYQO6mjIg413rqY8Bq9VGYOMHSQuSg1pNGwuscbJC2B9RXfUwKGAsBgtBSLbRdeB_lI2KsT9SZicuJDWup6PAxN1LzDB_v1YY5B5Be1ejfYk-I7UTMlEf7hR2G6M1qNUqqSDM9gH3dVDRhbsps67plT2FUNLUNc2CqSN2B1xFQR-qyrzVtLDDNCMH4Btog-GcU4XhG0bcXU0au-H4iSbLMeCYLyepRxR2epgmYe3Q88Y7eQaY55NJLt6ZQZrHyTuE0UTjSb6i0rvYiGrGZN_7IF8TU8Fk3yTRu9NyS1mH5nId0xxQ02uWmjXbASbyla0sfkJNjfFK&sai=AMfl-YRfqFmQlOy5YJwEup1jTB8ANUB17rNxPpOp9ccfaKQZ7-N8yUEB2tfbCf40hjZXHQIk372IrmXwlWFZfKXq-vr6A-j06vkMTjQp5Jto9kSqgeIn_ZD47nkob7brrlCX&sig=Cg0ArKJSzKYjH7wfUkK9EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 20 Jun 2021 13:29:08 GMT

POST
H2 200 ic5.php
data00.adlooxtracking.com/ads/ Frame F6FA 1 B
110 B 76ms
76ms Ping
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?adloox_io=1&seq=0&campagne=152&banniere=0&plat=78&adloox_transaction_id=null&bp=&visite_id=37514335142&client=adasia&ctitle=&os=&navigateur=&appname=Netscape&timezone=-120&fai=google_ads_iframe_%2F21622890900%2FVN_5giay.vn_pc_cate_right1_sticky_160x600%2F%2F120x600_0%40https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&data=-813568601ttttttttffffffttttftffffffffttttf&js=tfav_adl_152.js&commitid=5e1985b&fw=1&version=log&iframe=3&hadnxs=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&url_referrer=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&resolution=1600x1200&nb_cpu=16&nav_lang=en-US&date_regen=2021-05-20%2008%3A58%3A21&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20location.href%20&ao=https%3A%2F%2Fwww.5giay.vn&fake=000000&type_crea=2&tagid=95&id11=&id1=4423307908&id2=2469850497&id3=21785947569&id4=21621840631&id5=138257374956&id20=5e1985b
Requested by: Host: as.adlooxtracking.com
URL: https://as.adlooxtracking.com/ads/js/tfav_adl_152.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.19
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: gzip
access-control-allow-origin: https://www.5giay.vn
x-powered-by: PHP/7.4.19
route: ads-prod-68c5cc8796-vqrmt
alt-svc: clear
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 48A2 0
42 B 154ms
49ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54307705&p=157267&s=550805&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:07 GMT
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 8381 4 KB
744 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Jun 2021 12:45:13 GMT
server: ESF
date: Sun, 20 Jun 2021 13:29:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Jun 2021 13:29:08 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8381 18 KB
18 KB 214ms
72ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/18263/creativesup/image-1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a68ed74648414bd6a0328d861deda58ef82aac2549b87fa44ba0f45742e018af

Request headers

Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 18697
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 8381 15 KB
15 KB 219ms
77ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/21659/creativesup/1200x627_Aline.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 304e4bd7fcd5c397dc8fee1e3ce90887fabaa87a3de02b27870809da119ba0df

Request headers

Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14711
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

Conrad_Logo_120x60.jpg
www.conrad.ch/affiliate/banner/logos_b2c/ Frame 8381
Redirect Chain

https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=80190100077030901060216011631027&pv=0
https://www.conrad.ch/affiliate/banner/logos_b2c/Conrad_Logo_120x60.jpg

2 KB
2 KB

24ms
24ms

Image
image/webp

2606:4700::6810:8860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.ch/affiliate/banner/logos_b2c/Conrad_Logo_120x60.jpg

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8860 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6674a49a1ce0f1098025614223daf6d76c9c32bdfe76b3bcf1134122cb380c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
vary: Accept
cf-cache-status: HIT
age: 5880
cf-polished: qual=85, origFmt=jpeg, origSize=5461
p3p: policyref="http://www.conrad.ch/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-disposition: inline; filename="Conrad_Logo_120x60.webp"
server-timing: intid;desc=063b45727c7f0235
content-length: 1606
cf-request-id: 0acb3569e0000097f05b965000000001
last-modified: Wed, 26 Feb 2020 09:03:45 GMT
server: cloudflare
etag: "1555-59f76e1b8c5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/webp
accept-ranges: bytes
cf-ray: 66255822fd2197f0-FRA
cf-bgj: imgq:85,h2pri

Redirect headers

Date: Sun, 20 Jun 2021 13:29:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.ch/affiliate/banner/logos_b2c/Conrad_Logo_120x60.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame 8381 0
150 B 213ms
72ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=80190100077030901060216011631027&a=77b931b2&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 8381 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal900027.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 18:21:47 GMT
x-content-type-options: nosniff
age: 68841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 18:21:47 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 8381 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://hal900027.redintelligence.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 12:33:53 GMT
x-content-type-options: nosniff
age: 89715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:33:53 GMT

GET
H2 200 peg_logger.js Show response
www.parship.ch/static_cms/parship/static/peg_utils/peg_logger/ Frame 8C9D 11 KB
4 KB 16ms
15ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcf6e45981cf5196ae6bf70e51b1d559e0a80c024f83146b644360a236b3da23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22674
strict-transport-security: max-age=15552000
cf-request-id: 0acb356b3900001f193193b000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Jun 2021 06:12:23 GMT
server: cloudflare
etag: W/"60b9c447-2c4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6625582529001f19-FRA
expires: Mon, 21 Jun 2021 07:11:14 GMT

GET
H2 200 pegtracking_combined.js Show response
www.parship.ch/static_cms/parship/static/peg_utils/tracking/ Frame 8C9D 28 KB
9 KB 22ms
21ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ca1acc16710ab33ec2c8e8e7bca4d9fa7b6ee242303c0b4efff9dded5d8aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22674
strict-transport-security: max-age=15552000
cf-request-id: 0acb356b3c00001f19f0310000000001
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Mar 2021 11:26:43 GMT
server: cloudflare
etag: W/"604609f3-6f38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6625582529031f19-FRA
expires: Mon, 21 Jun 2021 07:11:14 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 8C9D 13 KB
5 KB 13ms
13ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.parship.ch
URL: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 662558252abb4a92-FRA
cf-request-id: 0acb356b3a00004a92cb819000000001

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E4E5 42 B
518 B 59ms
39ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaJ08ZgnHXEGeS1MqcBpx65CkObNZd0BJJCY9zF19xFJui36v7sPx-zsgF29U5RYipCHLcUMew69BhYpqiVWj59zAcwp_gu8UAizE18FA&sig=Cg0ArKJSzDRHsM9jmRzdEAE&id=lidar2&mcvt=1000&p=414,302,504,1030&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=887385340&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624195746649&dlt=0&rpt=1031&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eum.min.js Show response
eum.instana.io/ Frame 8C9D 24 KB
9 KB 48ms
22ms Script
application/javascript 2606:4700::6810:9cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.parship.ch
URL: https://www.parship.ch/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72fe48350b82bd31bd6c6b8e90811d971f483c9722af13005cb7539a0c0a2fa

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 400122
cf-ray: 66255825885d4d84-FRA
cf-request-id: 0acb356b7200004d842b88c000000001
access-control-allow-origin: *
last-modified: Tue, 15 Jun 2021 15:42:43 GMT
server: cloudflare
etag: -1517129700--gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin: *

GET
H2 200 nvi Show response
www.parship.ch/nocache/ Frame 8C9D 15 B
414 B 53ms
52ms XHR
application/json 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/nocache/nvi?url_path=%2Flp%2Fv00%2Faff_c.html&pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID&ref=https%3A%2F%2F5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com%2F

Requested by

Host: www.parship.ch
URL: https://www.parship.ch/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/json
cf-ray: 6625582559581f19-FRA
content-length: 15
cf-request-id: 0acb356b5500001f19c9924000000001

GET
H3-29 200 share_button.php Show response
www.facebook.com/v3.2/plugins/ Frame 7204 43 KB
13 KB 70ms
69ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/share_button.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26320fe353a878%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=button_count&locale=en_US&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vn_VI/sdk/xfbml.customerchat.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b44e239d7ae95c5f64893652dd5e028ba962e1692cee303a17cafd19c264a5f5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/share_button.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26320fe353a878%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=button_count&locale=en_US&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v3.3
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: PWoE0b8dEcVM5oqGxQkPgSnMoMLx9B7Z+FnySp3zfbV0AK3Q1dZsD1aSkA0Nki1X9GxIN2lAPREPCEcnd/k+Vw==
date: Sun, 20 Jun 2021 13:29:08 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 like.php Show response
www.facebook.com/v3.2/plugins/ Frame 0D4A 46 KB
14 KB 72ms
72ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?action=recommend&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df315aec47a9901c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=standard&locale=en_US&sdk=joey&show_faces=true&width=400

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vn_VI/sdk/xfbml.customerchat.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc5a52d2374d525bd3a7a6286e7848bf9a4a5d62d92ff24f19063893f065bc71

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like.php?action=recommend&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df315aec47a9901c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=standard&locale=en_US&sdk=joey&show_faces=true&width=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}
x-fb-rlafr: 0
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coep_report"
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v3.3
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 9yjwv4X3BfNf3b2fgWc3nit8FVeEFzub0q6Ci3HzwIxZm5MWxtaB7XKt/0Sb6YlLn/fpFvF0yllWnUT5cc+KhA==
date: Sun, 20 Jun 2021 13:29:08 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 like_box.php Show response
www.facebook.com/v3.2/plugins/ Frame 6670 53 KB
16 KB 92ms
92ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like_box.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5c4afaf01fe1c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=205&header=false&height=251&href=https%3A%2F%2Fwww.facebook.com%2F5GiayVietNam&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=205

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vn_VI/sdk/xfbml.customerchat.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

650538fa16e7c3a06f738327323c1850964b67d03b6c5a825f37780f9d5ff31c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like_box.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5c4afaf01fe1c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=205&header=false&height=251&href=https%3A%2F%2Fwww.facebook.com%2F5GiayVietNam&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=205
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v3.3
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 078bKgqStnMt/JYmVvIKgQwbtd5Y/lgjsooV9faZaj0x+i/N1TYq6ylqkbpCdGOZYP53WwrnISJRaIftMBn3+A==
date: Sun, 20 Jun 2021 13:29:08 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 33ms
19ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6de8a0ceea88b4bd55779cf77e6a60f94a2d5ccb0203537859d54b0e44f4ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7892
x-xss-protection: 0

POST
H2 200 rum Show response
www.parship.ch/cdn-cgi/ Frame 8C9D 0
211 B 14ms
14ms XHR
text/plain 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.ch/cdn-cgi/rum?req_id=662558245f241f19

Requested by

Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-INSTANA-T: ced8affddb8ac8b7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
X-INSTANA-S: ced8affddb8ac8b7
X-INSTANA-L: 1,correlationType=web;correlationId=ced8affddb8ac8b7
content-type: application/json

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.parship.ch
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 66255825ca551f19-FRA
vary: Origin

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 20 Jun 2021 13:29:08 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame D895 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 20 Jun 2021 13:28:34 GMT
expires: Mon, 20 Jun 2022 13:28:34 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5591 783 B
532 B 24ms
23ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dc6a65d3c26abc69d593f853316df1541fd847ea35d6c8ac8ae36992fb8adb7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K6c66lSQU7qqoJgSqg2P4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/

Response headers

expires: Sun, 20 Jun 2021 13:29:08 GMT
date: Sun, 20 Jun 2021 13:29:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-K6c66lSQU7qqoJgSqg2P4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 7204 388 B
633 B 7ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26320fe353a878%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=button_count&locale=en_US&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: BrF1Viy6iAFeA3fyinxZXRDWmPNRsakxnTDRrhyBvpH02O0LnfcRTOePGlBtRJONPVXzH0UFAhB5REJvDXJWwg==
x-fb-trip-id: 917726464
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Sun, 20 Jun 2021 13:29:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 388
x-fb-rlafr: 0
expires: Thu, 16 Jun 2022 05:13:14 GMT

GET
H2 200 lCBXLPxAbEd.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yS/l/en_US/ Frame 7204 509 KB
133 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yS/l/en_US/lCBXLPxAbEd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf7d446cd036edf188277a0442d66d7ad979ff9cb38cb79391b20ceeb107e981

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nEfkuP7dYXmflvlkjncBsQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 135990
x-fb-rlafr: 0
x-fb-debug: J6iS2fttAV3ccxAHf14wMLivUT5s9vk+IKLnEtcezRBGPSLu/BT/1o9+C4fzlvYijHEXHWfsfBqQqErPVWng0A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 18 Jun 2022 23:21:04 GMT

GET
H3-29 200 r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
pagead2.googlesyndication.com/bg/ Frame D895 14 KB
6 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 12:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 12:46:36 GMT

GET
H3-29 200 zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 0D4A 388 B
439 B 19ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like.php?action=recommend&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df315aec47a9901c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=standard&locale=en_US&sdk=joey&show_faces=true&width=400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: BrF1Viy6iAFeA3fyinxZXRDWmPNRsakxnTDRrhyBvpH02O0LnfcRTOePGlBtRJONPVXzH0UFAhB5REJvDXJWwg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Sun, 20 Jun 2021 13:29:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 388
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Thu, 16 Jun 2022 05:13:14 GMT

GET
H3-29 200 lCBXLPxAbEd.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yS/l/en_US/ Frame 0D4A 509 KB
133 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yS/l/en_US/lCBXLPxAbEd.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf7d446cd036edf188277a0442d66d7ad979ff9cb38cb79391b20ceeb107e981

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nEfkuP7dYXmflvlkjncBsQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 135990
x-fb-rlafr: 0
x-fb-debug: J6iS2fttAV3ccxAHf14wMLivUT5s9vk+IKLnEtcezRBGPSLu/BT/1o9+C4fzlvYijHEXHWfsfBqQqErPVWng0A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 23:21:04 GMT

GET
H3-29 200 1_Fv7G3Bc_k.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/ Frame 6670 23 KB
5 KB 21ms
12ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/1_Fv7G3Bc_k.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like_box.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5c4afaf01fe1c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=205&header=false&height=251&href=https%3A%2F%2Fwww.facebook.com%2F5GiayVietNam&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9e45836d61aea9666f3a5c4c356fa4e5e757bdeaaa6138018feea1a5e1b5f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1D70mvE69nPwQbVIRvYrdw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5297
x-fb-rlafr: 0
x-fb-debug: p21sKV6xQZ39mCtjLEVCWq2VATrZPSvTa8r/sFFQLnVrRAzp+ELHSXuGGgeGQA1lCBYk2rLPJyng0ABdn87rnw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Jun 2022 18:15:34 GMT

GET
H3-29 200 ggzcJLJkhSr.css
static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ Frame 6670 3 KB
1 KB 21ms
12ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ggzcJLJkhSr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ywe+5CCuBA6nTAXpv0OCFQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1102
x-fb-rlafr: 0
x-fb-debug: E1JAIrPEXfUvR7jP0cyX0nkB9w0dYd5RsP9khcmO4/N4WfbxQ9D4h+FbxCuyR97M32WQOUJpHgA1NbkuUBvMOQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Jun 2022 07:56:06 GMT

GET
H3-29 200 jXrsEmrUaEC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 6670 297 KB
80 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/jXrsEmrUaEC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5a915d50f69eefcd76b8b57ce8b439080c67d16fb77def91b9d6ba947d662c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: u4XoyvmBU4eRGoHYqdK/aQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 82192
x-fb-rlafr: 0
x-fb-debug: W1hEWDrqH0oDfpuFl+MXjLOhrHGuZYKZsW+bTehVBnqa4Rh0nTuzCnEkDOU42YzZGyH40If0LbUxz14DobqcmA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 23:18:52 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 6670 5 KB
2 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: Jctd8aW3GKIdRzANwBtP0bz2sTCq87ut5704He6+FiZZn9L9oZ1+sGEjZxLrqwhyVOV4maTbGQSZOoEWeLAoLg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 00:02:39 GMT

GET
H3-29 200 NqexeeEEFcD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 6670 65 KB
20 KB 20ms
12ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/NqexeeEEFcD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b5f5a8182de38890b86c7bd4ad823e94b36dea8fe12641ebb9c428ae4702e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: J9LwtoJZfGFSWXqMdsibEg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20242
x-fb-rlafr: 0
x-fb-debug: WxxFyBdr45dbJp8PSoA4TayC2aFDrEq4A35swe3aZGOgKNJQs2yBKhfLV6u1uXlUD+p+wJyr2XcFMHMqdLInww==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Jun 2022 20:34:32 GMT

GET
H3-29 200 hquZTtfTKhX.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y_/l/en_US/ Frame 6670 130 KB
36 KB 19ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y_/l/en_US/hquZTtfTKhX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

814e6e15c71b9ac889bb0071660fe580ad88cdeb795784c5e7df88613cf957c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GMnn1MI9zfkoMHndkE011A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 36822
x-fb-rlafr: 0
x-fb-debug: g42qbE0xFu0sWtRrB7v2rRMYoFURWg2KRBiTvfjt5dfS8flVEdnqLbyPoLyNd9t85qalUxrOTlrt6mHayg6PDg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Jun 2022 18:16:18 GMT

GET
H2 200 133433955_3638726552873024_31733202289823522_n.png
scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/p130x130/ Frame 6670 8 KB
8 KB 20ms
7ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/p130x130/133433955_3638726552873024_31733202289823522_n.png?_nc_cat=102&ccb=1-3&_nc_sid=dd9801&_nc_ohc=HlQvtaMu_YcAX_3nDDa&_nc_ht=scontent-frt3-1.xx&tp=30&oh=25bc0bdca00d2ca2bd634f5addfe4225&oe=60D46961
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like_box.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5c4afaf01fe1c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=205&header=false&height=251&href=https%3A%2F%2Fwww.facebook.com%2F5GiayVietNam&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 14ed7b99cfba24944e676afecd7603396c225fbbb961e455eabbbcd3779bec66

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1353064913
date: Sun, 20 Jun 2021 13:29:08 GMT
x-fb-trip-id: 686109401
last-modified: Sat, 26 Dec 2020 06:00:54 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3912022255
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 8377

GET
H2 200 44067598_1965451133533916_4092662851615850496_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 6670 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/44067598_1965451133533916_4092662851615850496_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=7JoBhmuiMXoAX-p__zM&_nc_ht=scontent-frx5-1.xx&tp=27&oh=ecf4913954ece8df3306d0011294c6d8&oe=60D36973
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like_box.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5c4afaf01fe1c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=205&header=false&height=251&href=https%3A%2F%2Fwww.facebook.com%2F5GiayVietNam&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=205
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f7bcc80a3c33950f21b535283891256ac63e657ae7660f9ef0f6b7898d9c95de

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1423566184
date: Sun, 20 Jun 2021 13:29:08 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 16 Oct 2018 11:17:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3093608180
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1634

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 7204 67 B
97 B 38ms
38ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1624195748834&t_start=1624195748834&t_domcontent=1624195748844&t_layout=1624195748921&t_onload=1624195748921&t_paint=1624195748921&t_creport=1624195748921&t_tti=1624195748844&lid=6975867620484021407-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26320fe353a878%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=button_count&locale=en_US&sdk=joey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 2jqhJ5hIG42aYcdj29POcq3IQNxQ1/RY/FMzm0cio4auQWsIHs+apn6PHVoxoCsl3NtG9QYjjqrSzSlmi1fqSQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 20 Jun 2021 13:29:08 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 ApcBOUT5FoS.png
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 6670 573 B
624 B 8ms
8ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/1_Fv7G3Bc_k.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/1_Fv7G3Bc_k.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: xrJ3ieg6/Oy1WTJxXfAJJfeQE963aD7IzAZTBiNclB2zMMzZUY2NJx50gHyYBMVeIc9Y1VnmB0qtFJ2VZRQIfQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Sun, 20 Jun 2021 13:29:08 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 573
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Thu, 16 Jun 2022 01:34:36 GMT

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 0D4A 67 B
97 B 36ms
36ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1624195748854&t_start=1624195748855&t_domcontent=1624195748862&t_layout=1624195748969&t_onload=1624195748969&t_paint=1624195748969&t_creport=1624195748969&t_tti=1624195748862&lid=6975867620553027704-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=recommend&app_id=363772567412181&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df315aec47a9901c%26domain%3Dwww.5giay.vn%26origin%3Dhttps%253A%252F%252Fwww.5giay.vn%252Ff17fa06332b423c%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=https%3A%2F%2Fwww.5giay.vn%2Fthreads%2Fviec-lam-kcn-nhon-trach-2.9614031%2F&layout=standard&locale=en_US&sdk=joey&show_faces=true&width=400
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: +QIjhi0BUfTgSAlcNcWHUtDkQIxVAJhuk2Oa2C+V00yF6utfzvU4MdNzgVo0VV9AN/VmHSE+eZVUtxjQSqJwpA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 20 Jun 2021 13:29:08 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 4yjqbU_BRDU.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 6670 15 KB
5 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/4yjqbU_BRDU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/jXrsEmrUaEC.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20fa21e201dd39b45d28e9ed67db67201fe061ee659f6cacc7cae18e0662de4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: als2HEWIl2QBDmwJFgBEyw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5035
x-fb-rlafr: 0
x-fb-debug: qT1DqpVFvraez1A5tow1CZjMct2WOkqMQBneUyJky1If4Zu4GgizasO5uB8uHfaJSTzg7MScBhbb2+vcBoW57w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Jun 2022 18:16:40 GMT

GET
H3-29 200 JopZtdti8dq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 6670 7 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/jXrsEmrUaEC.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2270
x-fb-rlafr: 0
x-fb-debug: Y/Q5HA9Mq0fqg73drb6lk/lULKJDLDOMNJV6WVTYcW1yAomu4QEOhvxPH+X1EKK0V06XzaHXu08mbNlP/ADPSw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Jun 2022 06:57:48 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBBF 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9IA0UC2i-KJTASwNCDjb6nRH-qHez7wuk1wa2X8sk3PeQC4XaHhRHJjIZ43Vp1zu9_Nkq6PWBsQMHUD9xbPMYbg9a9l3gTg&sig=Cg0ArKJSzJMNA0CqU1JTEAE&id=lidar2&mcvt=1000&p=693,1116,1293,1276&asp=553,1116,1153,1276&mtos=909,1000,1000,1000,1000&tos=909,91,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1309965797&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624195747027&dlt=23&rpt=1043&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=3543847824324645&bg=!zM-lz4vNAAZktE7iZLQ7ACkAdvg8WtnVa8AiMpNqTCU46xzjqwyrc2n0-BHJAIKWSzzFgeG7qcmPJwIAAAC5UgAAAAhoAQcKAI-dKg6DSM9368QlxPNESuawiyVjX2lTCIyMInfACfVI2fy8qMo4la5MS8nrk5MKdcO12NzJJRRc4OoNpi7oL5qNyRCwMeqVeniWaAt9iqHjB8a6622aGzxKXhTUNrQU5Y5AnrFMPJIYtzjxiG0pQXsfCtNAyFf3sdgM3VhRkIAOj2kX9QvxUns5N_WGG2EUhJkCcXcHaKrD7I8sidxqTO_0XrsBdl65LMHnVq3lMLiTDSjN622DsIrDGis0rAnKKHC6QmfnNxaOOnW2vqYO-CSl8IoiKZ-rrwslbPEgFqr5HgKIXKhQmJiXN19vlRqjtvKxsthUs-prvF8Tzl8W64qp5tOa62aZin47e6aI2vNOC4fc7ZHloYmUMPY9JdpdrGADTMvYf800zOaWUKA8p5z1vxAs0ralkS3SIiatns1M4L5TWdT8T_Ze4t2i036spTAqBwKZoN0JiPsovGYXSoabXF4XfQGeQVCSVvap4u985J5OyGns2EhYods4AXv__t9XRbq_LZSLRXfq85qxlskFgGiv6HdwpizchiIV0g8D0XxI4zHYR4u8BRxj5cBFgjb_ZkYjttHcKB_XAKa1MxQsw0qdjONFAAZuN8SVrdkI835j37-LkomNpFidFg1H5udpcDH8iYGKiSDkcas09MKwyazLLNpAqeSH3Q9HGuGbSzqWWqDti3MUnRZekXlwBU-WR9bkdppewacKZRWElejOAt9oJsOtp1gUQuPsNbiRGSmi7tDQqiudfn3XMu2uE52f6x51fgBEgjXNhFzFr_CrlU1lc6uj1jIxIGvT8_SjjI27ZYs8WJ_-LH1a8sm8ln7SuPE2N3Un7fFj-P8n6ssLQRGFjQyGdlElK945C1TDeucn4oxhRyMCWA5643A-Kaiq2A1diPW9zFA9qI7rnyDNm2_s9slDc2Cfl0sfVrOPHkPGonYO3XrbAmszC_FjnUFNLqvrc4-WDxs_yBxfwocQew4eT6lIvKoM_h-1In2DTazDzHDnWqB60-9SF4DapcDUlWQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F6FA 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVmBqLV7iat8qMw1g1gaG1rIUYnHPM3Nr1JU96bfE_RciB_zEAtdYoJs5OReE9TFXgs7wGtX1zaQnH6vPzC9G5t7Nn9CSYgBwm4JUxMfY&sig=Cg0ArKJSzCxDgobJtzkzEAE&id=lidar2&mcvt=1000&p=150,1455,750,1575&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3097972743&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624195747183&dlt=0&rpt=1029&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.5giay.vn/threads/viec-lam-kcn-nhon-trach-2.9614031/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jun 2021 13:29:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame 8381 0
150 B 214ms
72ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=80190100077030901060216011631027&a=77b931b2&vb=v
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900027.redintelligence.net/request_content.php?s=80190100077030901060216011631027&a=d3f056bb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 13:29:09 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK /
eum-eu-west-1.instana.io/ Frame 8C9D 0
190 B 275ms
68ms Ping
text/plain 108.128.183.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.183.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-183-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sun, 20 Jun 2021 13:29:11 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

POST
H/1.1 200
OK /
eum-eu-west-1.instana.io/ Frame 8C9D 0
190 B 69ms
69ms Ping
text/plain 108.128.183.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eum-eu-west-1.instana.io/
Requested by: Host: eum.instana.io
URL: https://eum.instana.io/eum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.183.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-183-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.parship.ch/lp/v00/aff_c.html?pscode=01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sun, 20 Jun 2021 13:29:15 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
timing-allow-origin: *
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ads.pubmatic.com/	1970-01-19 19:11:22	Name: KCCH Value: YES
.redintelligence.net/	1970-01-19 21:19:31	Name: 8lcfmzhxc8d6_uid Value: fcca06cd07dfbdfd
.www.conrad.ch/	1970-01-19 19:09:57	Name: __cf_bm Value: 04c0a411ab3f6db18f9117e7ded70eb41805daea-1624195748-1800-AYyd1W/l6VyKu7lxq/LZQCBKN5yao8385C+2OuBYaIK1rjqr1TdbE8e/t25DXOdIcFj94CM2YjEp5MjCBezNEUM=
.parship.ch/	1970-01-20 21:05:07	Name: NVI_FC Value: 01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID_TS%3A1624195748
.www.parship.ch/	1970-01-19 19:09:57	Name: __cf_bm Value: 59754fe63759e7f704212716495bb2f2f2723ab3-1624195748-1800-Ae5p8EuZ+Tdp49HRMswQQ7EK8RzCjKp00XGbcO3LeWX2518+o/kTHV4YcIQ2lCTo5e5TR+8lKz7jbEKvNeMxn4M=
.5giay.vn/	1970-01-19 19:11:22	Name: _gid Value: GA1.2.1027664626.1624195746
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 346432:2246412
.5giay.vn/	1970-01-20 04:31:31	Name: __gads Value: ID=c19f6e0852bb1434-22513bd065c80078:T=1624195746:S=ALNI_MbGd2keY-zBNFzfNIYmzeN_Beq4oA
.awin1.com/	1970-01-19 19:53:07	Name: awpv14114 Value: 414915\|1624195748\|7da8e8c1-d1cb-11eb-9de5-692d0c580a00
.awin1.com/	1970-01-19 19:14:14	Name: awpv11690 Value: 414915\|1624195748\|7da89aa0-d1cb-11eb-baa4-692d0214a5e5
.parship.ch/	1970-01-19 19:20:00	Name: NVI_LC2 Value: 01_120_60078_0001_0199_0001_empty_AF414915ID_GV1624195737.5529584.77792eb0-d1cb-11eb-8acb-00155def0803ID_TS%3A1624195748
.5giay.vn/	1970-01-19 19:09:55	Name: _gat Value: 1
www.conrad.ch/	1970-01-19 19:17:07	Name: CEAffHA Value: AW
.awin1.com/	1970-01-19 19:20:00	Name: awpv11467 Value: 414915\|1624195748\|7da89aa0-d1cb-11eb-8847-692d0cc96476
.5giay.vn/	1970-01-20 12:41:07	Name: _ga Value: GA1.2.1164137160.1624195746
www.conrad.ch/	1970-01-19 19:17:07	Name: HTLP_timestamp Value: 1624195748
.www.5giay.vn/	1969-12-31 23:59:59	Name: 5s_session Value: 93a264e3f4054240665be70b7d3cf977

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.5giay.vn/js/xenforo/xenforo.js?_v=06e28e09(Line 223) Message: XenForo.activate(%o) [object HTMLDocument]
console-api	log	URL: https://www.5giay.vn/js/xenforo/xenforo.js?_v=06e28e09(Line 224) Message: console.groupEnd
console-api	info	URL: https://www.5giay.vn/js/xenforo/xenforo.js?_v=06e28e09(Line 209) Message: XenForo.init() %dms. jQuery %s/%s 42 1.11.0 1.2.8-dev

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b25d60c8c2a7713c12be55d39aea6b5.safeframe.googlesyndication.com
adnetwork.adasiaholdings.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
as.adlooxtracking.com
banner.5giay.vn
ced.sascdn.com
connect.facebook.net
data00.adlooxtracking.com
eum-eu-west-1.instana.io
eum.instana.io
fonts.googleapis.com
fonts.gstatic.com
hal9000.redintelligence.net
hal900027.redintelligence.net
image6.pubmatic.com
pagead2.googlesyndication.com
pixel.mathtag.com
platform.twitter.com
qc.5giay.vn
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
tags.mathtag.com
tpc.googlesyndication.com
trf.greatviews.de
www.5giay.vn
www.awin1.com
www.bandatnendongnai.vn
www.conrad.ch
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.parship.ch
www.zenaps.com
104.111.239.217
104.244.42.200
108.128.183.11
138.201.64.38
139.99.121.205
142.250.184.226
185.29.133.58
185.64.189.115
2.16.186.113
2.18.233.180
2.18.233.201
2001:19f0:7001:44f5:5400:1ff:fe84:87ce
210.211.109.164
210.211.109.167
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:5e41
2606:4700::6810:8860
2606:4700::6810:9cf3
2606:4700::6813:b979
2a00:1450:4001:800::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.241.31.249
47.74.174.177
78.46.111.106
85.239.105.10
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06a379838288813c47c75235a2ad2172c5b285b216a9063f4bdeac38bb45dde2
08edf588670f7002d869ca63d5cf8edcde6ee5d80db55aad3faf0b942a34f10a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c087a12ce385494d56568b44022ef463be4176c2c0c137c1f14f1ce15cca3eb
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14ed7b99cfba24944e676afecd7603396c225fbbb961e455eabbbcd3779bec66
18ba50dd291f3d14735bc14a85de7c014ce783c7c85819d7776eab7ed4da203e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e6a8de32f3549cbc9f1c37130992e3505b087fd5050de4a4378ebb86712e165
1ef88a18c24212613b3ee105a29600d8475f567bd2923ed9da395c5b9323cc22
1fc44e8783752f4dfa6f4cfb77b091c97a37d72ce971bfdb2f63de81ce98a95a
20fa21e201dd39b45d28e9ed67db67201fe061ee659f6cacc7cae18e0662de4c
2221aaf2e39930a9097ec771af514c48bfc2f16af906e6ffd712785e2161e5f2
278a9c0226f322fb6adc8c06e28d79607cc5427729dafbf93c157e2b6b874277
282b202f82ac13a0ff5b11172db4e0c11e1bb413a63ce4bb996e1f8fb3e900dc
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d2b6a37f9c1d811484c53489771fbcf7b7aef4626f6b2165440354299e3ada0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
304e4bd7fcd5c397dc8fee1e3ce90887fabaa87a3de02b27870809da119ba0df
30e921bae19f924397faac9545bd37cd5c72e38798aa7b0235962d5155e77b13
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
41cf42a81152182b9a092d827ced8f46e735bb862584096650262796739264d3
4b5f5a8182de38890b86c7bd4ad823e94b36dea8fe12641ebb9c428ae4702e05
4cc4cae0bb86846428c4d8471ec2cd1627e7df4ce1fc4e4bb11c94cf557f9c8e
51ca1acc16710ab33ec2c8e8e7bca4d9fa7b6ee242303c0b4efff9dded5d8aad
5a8f886ffb6afed6497f36d8940ab950086a2eb72fe82266f8ac96acc43a8de2
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
6430e607318020a047d21598ef9b639402b42226d60200b749af9c9fc02d63f5
650538fa16e7c3a06f738327323c1850964b67d03b6c5a825f37780f9d5ff31c
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
6d4fe55a88ade6347f8db044c0368e4f23983d19068b354bcf121efbc078ea1a
700ceb670397df8708ef627ba1e6cb378163d2650568572209916b5c9668f7ca
73d6c99c3d1c1a532ec8034450f164809f8e28960456310b9fc74971a199c1c8
7790e40a51728de2f4dab01e8eecee193ec134f1f6ccbb046af0ba261d4316e3
7a97d3aa73aaebbf6aa3b525310b05027369a42101503afb89cb43106c4fe18a
7af81501a5cb5656e36fb8ed0370dbc645b6e16194fc377713109683b248597e
7f548614fb0d9da5631e5b5b7aa8cb239a253863e0f18361efd82f057bc4b258
814e6e15c71b9ac889bb0071660fe580ad88cdeb795784c5e7df88613cf957c8
81c821e746c88b6e6a291ae7e6927f541ec28c0029203cfb4ef0a90cf4deab1c
837bee1681357388d5f361f39b3fb3e5b5e7d6fd87d8e5334efa8c8483a28176
838dae179316cb0fce03a58e751f34805eed97945085342ad0afd7ef81ea692f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8fc687134456044b0e5deb7e0fe9932f3dea3c23fc24152a7d83b7498b99d8da
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
911b52291cf482680811e4da43ff6e00788c3dd3b4b84fcf4183f6224688a886
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
9316d990b7d9d6d6687f3c9843e260fdc6be615beeaeeb756912c51246629164
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
95fcd8743c078a55e9c221483971d598295b18e094a8d8e9d7ba06d1cdd67710
9df364139c1fc38b2caab474d596a71c601c8bf5ee5a3e95681f1b877cd1d4ca
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68ed74648414bd6a0328d861deda58ef82aac2549b87fa44ba0f45742e018af
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa0e4c5ccd3dcd3d45529ab9fe9753acfdd53b79d4e2d265b54b670e3effaf54
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abaaeb9e82c50bb0ab7ca67bd67bf0aae6df9f70b9f1ce03e47cc5d2086ca563
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9dc46c9c11a0540dcd4c0e6319293b2d471f1fae4ae8edd5c72679117e0c97
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9
b08a2176f5116bf9b7dc33c923711b288b9146d154270b307e1d904dd15bd863
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b286b503fac03a393afcc7af0e0e79e39ddffe9d6f9abe243fa579dcfe5e5292
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
b44e239d7ae95c5f64893652dd5e028ba962e1692cee303a17cafd19c264a5f5
ba053094c3fce9fffd55a81c1ce057ebcca763cbe13ffe53be20346164062136
ba66abe847c018e4a18dfa8861724db879712627f056dd18918b0b04bd4d999d
bc5a52d2374d525bd3a7a6286e7848bf9a4a5d62d92ff24f19063893f065bc71
bcf6e45981cf5196ae6bf70e51b1d559e0a80c024f83146b644360a236b3da23
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c1263a7aec844385314a037cee8d4fc86cd7820731f92fb55ed93dd63184f2f9
c3a4b99db229f080fcdc2f7ff698ab73e83c468916d35c25bd12fc5bd15be1b8
c5097da42217e110eb92e74d0834e712ea85c4795f54125cab5cd1c3d46103f7
c6674a49a1ce0f1098025614223daf6d76c9c32bdfe76b3bcf1134122cb380c2
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c9dc8ec104c88f02b7247bceccae2023a665855ce57e2a3f714d1dfa62cb2262
cb35afbba43badbe99bdc30448e3f4389c5b55a66888c50b75535e7b01c362b8
cf7d446cd036edf188277a0442d66d7ad979ff9cb38cb79391b20ceeb107e981
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d5a915d50f69eefcd76b8b57ce8b439080c67d16fb77def91b9d6ba947d662c6
d6d32db1c76006216ef7c7cfcd03fbb81fedc45b1bbe8f422ac3575c8b88e571
d72fe48350b82bd31bd6c6b8e90811d971f483c9722af13005cb7539a0c0a2fa
d9f42899eda68ee014cf0cc8c0eede9a2373c880370593e560d4b783d300aa83
dc6a65d3c26abc69d593f853316df1541fd847ea35d6c8ac8ae36992fb8adb7e
dd216406fd85fbc36271fb0b5eff74d4d5cf4c16ab5e4dff460725d5f308d581
ddccdf1a8d2226cf86856b2bf9e3b5a6788a2896cc8aabb9388dd79ec38cab50
ddd96a77c438ecbb6013cbff60c420e79f5c9beb851333474686e3366308cef0
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e2a0c03792f12617d0b0e0478a19bb6c24ae3878c28665b94959313a0d86b3e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e44c51c44d98e56e70bfdd2a2a9fe73171015812ac7cdb4ce599b66f92b8fde1
e52aa66ea29c95d331ce0ee4ee3987937bfbe49a2adecca66ecc021a6e90a803
e54682a356915c846c7e786b7afd6d7e4dcb5ab7e8d8a77f27d0f11e6dee540a
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f47c6b0310ec5a450b4f2a9789e08b673bd6d9e22fe39fbf4011c1dff200cd70
f6de8a0ceea88b4bd55779cf77e6a60f94a2d5ccb0203537859d54b0e44f4ea5
f7bcc80a3c33950f21b535283891256ac63e657ae7660f9ef0f6b7898d9c95de
f818ad01616fcee8e2486a56ac41a4d8de9a569898af6e888432d954be9c951a
f85f0fea8a806a30c7f4ac2750cec795f7ecebc34a7876593ae1231161cc6b86
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
f9e45836d61aea9666f3a5c4c356fa4e5e757bdeaaa6138018feea1a5e1b5f21
fab9c53c7aa7bf77de0c5c4bdde77e3656257834222167298826edb91f27db39
fb3fa445a14328f3670897ce069c60921549c6d6213c3b6feec5763cb1447c60
fb505e91c4af76a9e411b68657ae26ca6a24f009e1600feca40d27e3646ce74f
fb96f297567f4aa0b829fb9774679b16fe9eca4bbca718bee00a935e4f0124bb
fbdb1a21b9aaba55221dd436f153fdd5cef1c5d66d50a3c48e87201c127768ce
ffbae82bacf1c3222a9cbde314e23b598fb0332e163206925d728a40c99f4e7d

www.5giay.vn Open in urlscan Pro 210.211.109.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

150 Requests

99 %HTTPS

55 %IPv6

27 Domains

42 Subdomains

38 IPs

8 Countries

2141 kBTransfer

5061 kBSize

17 Cookies

12 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.5giay.vn Open in urlscan Pro
210.211.109.164 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

99 %
HTTPS

55 %
IPv6

27
Domains

42
Subdomains

38
IPs

8
Countries

2141 kB
Transfer

5061 kB
Size

17
Cookies

150 HTTP transactions
2 data transactions