www.tuhocielts.online Open in urlscan Pro
3.1.17.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/4yuzpyhc?fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8
Effective URL:
https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlzn...
Submission: On April 12 via manual (April 12th 2023, 4:18:25 pm UTC) from IN — Scanned from DE

Summary HTTP 46 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 16 domains to perform 46 HTTP transactions. The main IP is 3.1.17.18, located in Singapore and belongs to AMAZON-02, US. The main domain is www.tuhocielts.online.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 23rd 2023. Valid for: 3 months.

This is the only time www.tuhocielts.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:1e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.1.17.18 3.1.17.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::863:1	200325 (BUNNYCDN) (BUNNYCDN)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	52.76.186.82 52.76.186.82	16509 (AMAZON-02) (AMAZON-02)
2 5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2250:5200:1c:1cc7:740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	173.231.16.77 173.231.16.77	18450 (WEBNX) (WEBNX)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:24a... 2600:9000:24a9:8a00:d:3686:78c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
46	19

1 2606:4700:10::ac43:1e1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.1.17.18 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-17-18.ap-southeast-1.compute.amazonaws.com

www.tuhocielts.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::863:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.76.186.82 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-186-82.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2250:5200:1c:1cc7:740:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.pushdi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.16.77 (United States)

ASN18450 (WEBNX, US)
PTR: 173-231-16-77.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24a9:8a00:d:3686:78c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

api-v2.pushdi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	21 KB
6	google.de www.google.de — Cisco Umbrella Rank: 5216	906 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	826 B
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100	7 KB
4	pushdi.com sdk.pushdi.com — Cisco Umbrella Rank: 286349 api-v2.pushdi.com — Cisco Umbrella Rank: 615821	45 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	200 KB
3	gstatic.com fonts.gstatic.com	89 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 83374	632 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	177 KB
2	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 50731	152 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2603	104 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	tuhocielts.online www.tuhocielts.online woznve.tuhocielts.online Failed	11 KB
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 17321	633 B
46	16

	Domain	Requested by
6	www.google.de	www.tuhocielts.online
6	www.google.com	2 redirects www.tuhocielts.online
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tuhocielts.online
5	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	www.tuhocielts.online www.googletagmanager.com
3	sdk.pushdi.com	www.googletagmanager.com sdk.pushdi.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.facebook.com	www.tuhocielts.online
2	region1.google-analytics.com	www.googletagmanager.com
2	a.ladipage.com	w.ladicdn.com
2	connect.facebook.net	www.tuhocielts.online connect.facebook.net
2	w.ladicdn.com	www.tuhocielts.online
1	api-v2.pushdi.com	sdk.pushdi.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.ipify.org	www.googletagmanager.com
1	fonts.googleapis.com	www.tuhocielts.online
1	www.tuhocielts.online
1	tinyurl.com	1 redirects
0	woznve.tuhocielts.online Failed	connect.facebook.net
46	20

This site contains links to these domains. Also see Links.

Domain
m.me
drive.google.com
docs.google.com

Subject Issuer	Validity	Valid
www.tuhocielts.online ZeroSSL RSA Domain Secure Site CA	`2023-01-23` - `2023-04-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
w.ladicdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-10` - `2024-03-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M02	`2023-02-02` - `2023-07-16`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.pushdi.com Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8
Frame ID: E94E80C64FA043008D879DDEC08204D9
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trọn bộ tài liệu IELTS từ 0 - 7.5+

Page URL History Show full URLs

https://tinyurl.com/4yuzpyhc?fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8 HTTP 301
https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2w... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

46
Requests

93 %
HTTPS

79 %
IPv6

16
Domains

20
Subdomains

19
IPs

5
Countries

707 kB
Transfer

1938 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://m.me/universal.edu.vn?utm_source=facebook&utm_medium=btclick&utm_campaign=bt01&utm_id=bt01
Title: 💯 [FREE] - Học thử IELTS miễn phí

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1GrG-lHC9GqrCc3KdXa45faF5bbAh2aWi/view?usp=sharing&utm_source=seeding&utm_medium=postd&utm_campaign=cpc
Title: Bộ Cam IELTS 17 (Mới - Bản đẹp)

Search URL Search Domain Scan URL

URL: http://m.me/universal.edu.vn?utm_source=facebook&utm_medium=btclick&utm_campaign=bt02&utm_id=bt02
Title: 💯 [FREE] - Học thử mất gốc

Search URL Search Domain Scan URL

URL: https://drive.google.com/drive/folders/13KmEfA9BIvwbyAHcyfXb_tUexxJ1pEjJ?utm_source=facebook&utm_medium=btclick&utm_campaign=bt05&utm_id=bt05
Title: Tổng hợp full từ vựng

Search URL Search Domain Scan URL

URL: https://docs.google.com/document/d/1ViEHNjtbrpQqT_Bo0fqDR3_dOT5Llf35KIAR99XXuyc/edit?utm_source=facebook&utm_medium=btclick&utm_campaign=bt06&utm_id=bt06
Title: [FULL] bộ đề IELTS Writing 2021

Search URL Search Domain Scan URL

URL: https://drive.google.com/drive/folders/1pDZfvD-pZTCWt-w6o1bUWv5zIMCJMkrR?usp=sharing&utm_source=seeding&utm_medium=postd&utm_campaign=cpc
Title: FULL BỘ BÀI MẪU WRITING TASK 1 + 2 (Mới)

Search URL Search Domain Scan URL

URL: https://m.me/571979499642632?ref=Gioithieusach&utm_source=seeding&utm_medium=postd&utm_campaign=cpc
Title: Bộ sách tự học IELTS (520k -> 390k)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/4yuzpyhc?fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8 HTTP 301
https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827849146/?random=877778059&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=87scCLeB_MMDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zdk2ZJZt0OPrBILrgqAK&sscte=1&crd=&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39eReZ1ZmbhjAh2BCugGXz7zRrm8d7W6cObQ&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhN2l3eG9IOGYzTm5FeVdENm1TbnFVN0hBdlc0NXJPRWJ6X09XYWlnVmNQdFMwZW1yaW5ZNUF1 HTTP 302
https://www.google.com/pagead/1p-conversion/827849146/?random=877778059&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=87scCLeB_MMDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhN2l3eG9IOGYzTm5FeVdENm1TbnFVN0hBdlc0NXJPRWJ6X09XYWlnVmNQdFMwZW1yaW5ZNUF1&is_vtc=1&ocp_id=zdk2ZJZt0OPrBILrgqAK&cid=CAQSKQBygQiD3tJGn87GSQJXy5bN5vv9nM2whqyO9YjcjdaFBRU6-ZsJzK9f&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39edcXmUlFYzXTLr220l6RErVFUgw0Cf2f7w&random=3101006889 HTTP 302
https://www.google.de/pagead/1p-conversion/827849146/?random=877778059&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=87scCLeB_MMDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhN2l3eG9IOGYzTm5FeVdENm1TbnFVN0hBdlc0NXJPRWJ6X09XYWlnVmNQdFMwZW1yaW5ZNUF1&is_vtc=1&ocp_id=zdk2ZJZt0OPrBILrgqAK&cid=CAQSKQBygQiD3tJGn87GSQJXy5bN5vv9nM2whqyO9YjcjdaFBRU6-ZsJzK9f&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39edcXmUlFYzXTLr220l6RErVFUgw0Cf2f7w&random=3101006889&ipr=y&prhg=0

Request Chain 43

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827849146/?random=1385677016&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=J-aCCPP1-8MDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zdk2ZNpth47rBO3hhrgK&sscte=1&crd=&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39ea7rpDAz6zEUGY1y8nTE00u4sJk-ooJYgw&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhNGtaazdEWnh0RGJwYktST3VFZVJlOHBDeWI2MjRXWm9zZThKZF9HVHU0OThSbDB1UTRDT0Vw HTTP 302
https://www.google.com/pagead/1p-conversion/827849146/?random=1385677016&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=J-aCCPP1-8MDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhNGtaazdEWnh0RGJwYktST3VFZVJlOHBDeWI2MjRXWm9zZThKZF9HVHU0OThSbDB1UTRDT0Vw&is_vtc=1&ocp_id=zdk2ZNpth47rBO3hhrgK&cid=CAQSKQBygQiDqYmZtOo-FHpCSiCNAxFImdQNEsjQl9zZCC5S7z78s70IkipA&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39eW27pvQv054A-lZRQQhCosCsd2E6c5OYKQ&random=1305606475 HTTP 302
https://www.google.de/pagead/1p-conversion/827849146/?random=1385677016&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=J-aCCPP1-8MDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhNGtaazdEWnh0RGJwYktST3VFZVJlOHBDeWI2MjRXWm9zZThKZF9HVHU0OThSbDB1UTRDT0Vw&is_vtc=1&ocp_id=zdk2ZNpth47rBO3hhrgK&cid=CAQSKQBygQiDqYmZtOo-FHpCSiCNAxFImdQNEsjQl9zZCC5S7z78s70IkipA&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39eW27pvQv054A-lZRQQhCosCsd2E6c5OYKQ&random=1305606475&ipr=y&prhg=0

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tuhocielts.online/
Redirect Chain

https://tinyurl.com/4yuzpyhc?fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8
https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

39 KB
11 KB

2402ms
242ms

Document
text/html

3.1.17.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.1.17.18 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-17-18.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 98843b97992f3c5534405a9890b7686f3bc1c88cbc802bc5367145457240ef95

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 16:18:19 GMT
server: openresty
statuscode: 200
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
cf-cache-status: DYNAMIC
cf-ray: 7b6cc8c5ab109241-FRA
content-type: text/html; charset=UTF-8
date: Wed, 12 Apr 2023 16:18:17 GMT
location: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8
referrer-policy: unsafe-url
server: cloudflare
x-content-type-options: nosniff
x-tinyurl-redirect: eyJpdiI6IlpFbVNsZnltR0kveDdnZXRHYUFrdXc9PSIsInZhbHVlIjoiUE9EYWtDS0d4d3RCcldUcUVKbDFmcmhXeTkzV3N5bUJiWUxhQWZtVkdlc0p1RmRka3hkMXE1dzM3d1EzalNBYVFTQ3hJZjJXUXlCVzR0Y3dKQng0eXc9PSIsIm1hYyI6IjExNGFiYzhlOGZkNDk4MTE0ZGE3OTM1ZDVjOTgzNTMyZmZjMWVmN2Q5ODJhNjBkNWFlNDk1OGRiMGQ0MzZhZjIiLCJ0YWciOiIifQ==
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 141ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d8cb717fcd7de5bcdd0d838f52d6e2f28e38be5df80e62020a279e14a206c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 16:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 16:18:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 16:18:19 GMT

GET
H2 200 ladipagev3.min.js Show response
w.ladicdn.com/v2/source/ 312 KB
79 KB 175ms
52ms Script
text/javascript 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1680684269310
Requested by: Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-863 /
Resource Hash: 50ce5d233dd40b0fa1ca4a7db4b20e1feb6f6ac0328c1681a586bc439e8121d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:18:19 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: NY-267
cdn-cachedat: 04/05/2023 09:02:47
cdn-pullzone: 575124
last-modified: Wed, 05 Apr 2023 08:49:23 GMT
server: BunnyCDN-DE1-863
cdn-fileserver: 562
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642d3613-4e193"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cache-control: public, max-age=31919000
cdn-requestid: cc144826ff7e42fba335a679ffccc3f8
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 145ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MK254QC

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08ea21deb9b290f771ea45c53ac60e9cac4c48ff893647bcc4b9caf980411c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:18:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41243
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 16:18:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
80 KB 194ms
104ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

202932863cd6c6285f4ecf0ef7e570e40db4b994805b6b0787f1e0943b48612a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:18:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81990
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Apr 2023 16:18:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 135ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Apr 2023 16:18:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: l0pAaa30DuV6BfpDq5Xnkww0m2/czw+eJ59GyLNWsUrzp+zVmqTro04H6be5gwZh1A3tqwJyz8ioCa8jtihcQQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tuhocielts.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 107235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 184ms
95ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tuhocielts.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:24:14 GMT
x-content-type-options: nosniff
age: 104045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31320
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:24:14 GMT

GET
H2 200 4515143625253994 Show response
connect.facebook.net/signals/config/ 513 KB
149 KB 189ms
189ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4515143625253994?v=2.9.101&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

218b694037da2533834a6a40746bb0cb11c9a997aec719f9a4d92b4ef3783e11

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Apr 2023 16:18:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: XxG8cvlQBoKCr7k/MD/K0f/r1ADp2XxaxRK9stn+ApKWi9wYrTtQZ35rbKi/3NzWdePYSPjc8G5a4IjMPaoUzw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 62ms
60ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6SXZ7Q75S2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK254QC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

239d8adc3cdef5f9881dd851ff3f71895a945e45acc622bd4d207fe5e8e08d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:18:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 16:18:19 GMT

GET
H2 200 image_2021-08-28_201056-20210828131057.png
w.ladicdn.com/s450x450/5e7a07968739d716a5a7ab0d/ 73 KB
73 KB 43ms
43ms Image
image/png 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s450x450/5e7a07968739d716a5a7ab0d/image_2021-08-28_201056-20210828131057.png
Requested by: Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-863 /
Resource Hash: d26e2b006ee263914f71c7fd9615872dd5768736b80d262a52946dffb5fa53ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:18:19 GMT
cdn-edgestorageid: 860
perma-cache: HIT
cdn-storageserver: NY-346
cdn-cachedat: 12/29/2022 09:28:20
cdn-pullzone: 575124
content-length: 74419
last-modified: Fri, 14 Jan 2022 07:50:37 GMT
server: BunnyCDN-DE1-863
cdn-fileserver: 205
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "61e12b4d-122b3"
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0c090a30da1b1ba7416df7a8a4dd1880
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

OPTIONS
H2 200 event
a.ladipage.com/ 0
0 767ms
246ms Preflight
application/json 52.76.186.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.76.186.82 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-76-186-82.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://www.tuhocielts.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 12 Apr 2023 16:18:20 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 event Show response
a.ladipage.com/ 106 B
632 B 250ms
249ms XHR
text/plain 52.76.186.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1680684269310

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.76.186.82 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-76-186-82.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: 1b8c4a34-906b-453b-5767-c8efe69d519c
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
accept-language: de-DE,de;q=0.9
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
Referer: https://www.tuhocielts.online/
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Wed, 12 Apr 2023 16:18:20 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-827849146/ 3 KB
1 KB 174ms
86ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-827849146/?random=1681316299866&cv=11&fst=1681316299866&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&auid=885929225.1681316300&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

510144d4e3e764af9902ea8cdeda032e61eb2db0c800f601e32be7c6e08d979c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827849146/ 3 KB
1 KB 267ms
179ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827849146/?random=1681316299870&cv=11&fst=1681316299870&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&auid=885929225.1681316300&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b389e5b1dccf10b0a561cb92b75940089b4502907c6e72d64625aceaa7e6474e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 390ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 16:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 791
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 12 Apr 2023 18:05:09 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827849146/ 3 KB
2 KB 171ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827849146/?random=1681316299871&cv=11&fst=1681316299871&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&auid=885929225.1681316300&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

913009a37ebf08ca0834322f81da8331a6a9601f6b1b3d8f1347ea1a1ca88c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 356a192b-7913-324c-9457-4d18c28d46e6.js Show response
sdk.pushdi.com/js/generated/ 2 KB
2 KB 588ms
420ms Script
application/javascript 2600:9000:2250:5200:1c:1cc7:740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.pushdi.com/js/generated/356a192b-7913-324c-9457-4d18c28d46e6.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5200:1c:1cc7:740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c544a2f507f003ed941027c62aef8f39d9c3720843b48773a5a6d9473ed00f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:18:21 GMT
x-amz-version-id: 4Xm4u5CzFseOdL8MwxUE__Ahossp3cup
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
last-modified: Thu, 04 Nov 2021 07:05:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "d23aa3f86cc0fada7ff679cf6792f9eb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: no-cache
content-length: 2024
x-amz-cf-id: h40vBAw_3c3FvZ-2trtdycNc5vAVpuD0hWy9U8iJvvWJQ5cq1p9mdw==

GET
H2 200 / Show response
api.ipify.org/ 29 B
104 B 952ms
249ms Script
application/javascript 173.231.16.77
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 173-231-16-77.static.webnx.com
Software: /
Resource Hash: dc6f762f62dbfce3c08d3aec583e42296ef032bc9161fb63784c26184faa2f94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:18:20 GMT
content-length: 29
vary: Origin
content-type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 146ms
50ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6SXZ7Q75S2&gtm=45je34a0&_p=1504919734&cid=363913181.1681316300&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681316299&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&dt=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6SXZ7Q75S2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuhocielts.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 14 KB
14 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tuhocielts.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:53:58 GMT
x-content-type-options: nosniff
age: 105861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14040
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:53:58 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/827849146/ 42 B
455 B 140ms
51ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827849146/?random=1681316299871&cv=11&fst=1681315200000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&fmt=3&is_vtc=1&random=3274438153&rmt_tld=0&ipr=y

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/827849146/ 42 B
108 B 149ms
60ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827849146/?random=1681316299871&cv=11&fst=1681315200000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&fmt=3&is_vtc=1&random=3274438153&rmt_tld=1&ipr=y

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-827849146/ 42 B
108 B 140ms
51ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-827849146/?random=1681316299866&cv=11&fst=1681315200000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&fmt=3&is_vtc=1&random=905719490&rmt_tld=0&ipr=y

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-827849146/ 42 B
455 B 148ms
60ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-827849146/?random=1681316299866&cv=11&fst=1681315200000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&fmt=3&is_vtc=1&random=905719490&rmt_tld=1&ipr=y

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST events
woznve.tuhocielts.online/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 140ms
41ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4515143625253994&ev=PageView&dl=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&rl=&if=false&ts=1681316300079&sw=1600&sh=1200&v=2.9.101&r=stable&ec=0&o=30&cs_est=true&fbc=fb.1.1681316300074.iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&fbp=fb.1.1681316300075.972393061&eid=ob3_plugin-set_0f87943039373285e2d8a070ef4e8c28240b4daf6917c6436fcafcf872c77a08&it=1681316299763&coo=false&rqm=GET

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 16:18:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/827849146/ 42 B
108 B 55ms
54ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827849146/?random=1681316299870&cv=11&fst=1681315200000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&fmt=3&is_vtc=1&random=1686103408&rmt_tld=0&ipr=y

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/827849146/ 42 B
108 B 60ms
60ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827849146/?random=1681316299870&cv=11&fst=1681315200000&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&fmt=3&is_vtc=1&random=1686103408&rmt_tld=1&ipr=y

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 48ms
47ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1504919734&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&ul=en-us&de=UTF-8&dt=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=809648441&gjid=1392872899&cid=363913181.1681316300&tid=UA-214301920-18&_gid=249759236.1681316300&_r=1&_slc=1&gtm=45He34a0n815WDWCTX&z=45739366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuhocielts.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuhocielts.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 147ms
48ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-214301920-18&cid=363913181.1681316300&jid=809648441&gjid=1392872899&_gid=249759236.1681316300&_u=YADAAEAAAAAAACAAI~&z=1172886093

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tuhocielts.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Apr 2023 16:18:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuhocielts.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk-https.js Show response
sdk.pushdi.com/js/ 151 KB
37 KB 49ms
49ms Script
application/javascript 2600:9000:2250:5200:1c:1cc7:740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.pushdi.com/js/sdk-https.js
Requested by: Host: sdk.pushdi.com
URL: https://sdk.pushdi.com/js/generated/356a192b-7913-324c-9457-4d18c28d46e6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5200:1c:1cc7:740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96dd8b78209ba9ddb3aecab394a6094f85792b09b285eb8294e7d1a9beb7130c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 02:37:18 GMT
x-amz-version-id: 3dX3kY4m6h_jmXmllQo4VWfLCwrZT4.n
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 02:32:44 GMT
server: AmazonS3
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
etag: W/"8b5947cf131907d3dbb8e471da891f74"
age: 49263
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -GjmUexRvA8oEns7KpPAHlOe7YAhj1GHpBgAJ-oBwBtnR1jSnKQfog==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 78ms
76ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-214301920-18&cid=363913181.1681316300&jid=809648441&_u=YADAAEAAAAAAACAAI~&z=952614492

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
77ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-214301920-18&cid=363913181.1681316300&jid=809648441&_u=YADAAEAAAAAAACAAI~&z=952614492

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.css
sdk.pushdi.com/css/ 24 KB
5 KB 43ms
42ms Stylesheet
text/css 2600:9000:2250:5200:1c:1cc7:740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.pushdi.com/css/widget.css
Requested by: Host: sdk.pushdi.com
URL: https://sdk.pushdi.com/js/sdk-https.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5200:1c:1cc7:740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cf7dfadf62141d974da4d1da09b981125df04d9592442c393a135cea4ffd94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:40:31 GMT
x-amz-version-id: tAfS5726Ou.13d_STGhE1F9PhQ3plvj5
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:29:02 GMT
server: AmazonS3
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
etag: W/"fe8908b81c93e066e548b913eeef95e6"
age: 38270
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: i4NnyFr_6kpW9qiWTv19K1SrH7NRYBNOxXdW5TMnognB9sriPk8iWw==

POST
H2 200 subscribe Show response
api-v2.pushdi.com/v2/ 119 B
476 B 1286ms
829ms Fetch
application/json 2600:9000:24a9:8a00:d:3686:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v2.pushdi.com/v2/subscribe
Requested by: Host: sdk.pushdi.com
URL: https://sdk.pushdi.com/js/sdk-https.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24a9:8a00:d:3686:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 / Express
Resource Hash: d5526c59194f35733dfb85ebf80de1d4a12258b84750dba92d2ec5f440f0ae1d

Request headers

Referer: https://www.tuhocielts.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 12 Apr 2023 16:18:21 GMT
via: 1.1 901cac3bf821e4f6dea13c04dae17082.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: ATL59-P1
etag: W/"77-OU2j5WUIMCEmg6kCLX/10QvoQhs"
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-token
content-length: 119
x-amz-cf-id: r-1iz7iR3J1779nc8QbvGdBqtLVWoxpLGWp0KIXSTk9FOKjSDNzANg==

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 41ms
40ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4515143625253994&ev=Microdata&dl=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&rl=&if=false&ts=1681316300582&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B%22%2C%22meta%3Akeywords%22%3A%22T%C3%A0i%20li%E1%BB%87u%20IELTS%2C%20t%E1%BB%B1%20h%E1%BB%8Dc%20IELTS%2C%20luy%E1%BB%87n%20thi%20IELTS%2C%20t%E1%BB%95ng%20h%E1%BB%A3p%20IELTS%2C%20s%C3%A1ch%20IELTS%22%2C%22meta%3Adescription%22%3A%22T%E1%BB%95ng%20h%E1%BB%A3p%20t%C3%A0i%20li%E1%BB%87u%20IELTS%2C%20t%E1%BB%B1%20h%E1%BB%8Dc%20IELTS%2C%20t%E1%BB%B1%20luy%E1%BB%87n%20thi%20IELTS%2C%20s%C3%A1ch%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.tuhocielts.online%22%2C%22og%3Atitle%22%3A%22Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.ladipage.net%2F5e7a07968739d716a5a7ab0d%2Fimage_2021-08-28_201056-20210828131057.png%22%2C%22og%3Adescription%22%3A%22T%E1%BB%95ng%20h%E1%BB%A3p%20t%C3%A0i%20li%E1%BB%87u%20IELTS%2C%20t%E1%BB%B1%20h%E1%BB%8Dc%20IELTS%2C%20t%E1%BB%B1%20luy%E1%BB%87n%20thi%20IELTS%2C%20s%C3%A1ch%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.101&r=stable&ec=1&o=30&fbc=fb.1.1681316300074.iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&fbp=fb.1.1681316300075.972393061&eid=ob3_plugin-set_5b77950454bb242803e2e3ceaf77447e1539a9ddedb68e16a6deaecc1b5a113f&it=1681316299763&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Apr 2023 16:18:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1504919734&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&ul=en-us&de=UTF-8&dt=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=363913181.1681316300&tid=UA-214301920-18&_gid=249759236.1681316300&gtm=45He34a0n815WDWCTX&cd1=80.255.7.103&z=1008727998

Requested by

Host: www.tuhocielts.online
URL: https://www.tuhocielts.online/?utm_source=seeding&utm_medium=postd&utm_campaign=cpc&fbclid=iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79989
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 55ms
55ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=7225765&rv=34a0&cid=GTM-MK254QC&l=GTM-MK254QC.L3122.S1.Y6.E1075.TC1.HTC0~gtm.init.S0.E3~gtm.js.S0.E3.TS5gaawc.TE0~gtm.dom.S0.E1~gtm.scrollDepth.S0.E7~*.S0.E4~gtm.load.S0.E0~gtm.init_consent.S1.E4&qi=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:18:20 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/827849146/ 3 KB
2 KB 176ms
81ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/827849146/?random=1681316300876&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=J-aCCPP1-8MDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&bttype=purchase&auid=885929225.1681316300&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

285a968a2efb7866e6ab8dfe7a50ac148fdac80c518d888becc49649bd8cce09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1722
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/827849146/ 3 KB
2 KB 169ms
80ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/827849146/?random=1681316300885&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=87scCLeB_MMDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&bttype=purchase&auid=885929225.1681316300&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDWCTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9c3feed9f914201fb57c17e00234099555b569b8d02459c136232cf224c891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1729
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1504919734&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&ul=en-us&de=UTF-8&dt=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll50%25&ea=undefined&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=363913181.1681316300&tid=UA-214301920-18&_gid=249759236.1681316300&gtm=45He34a0n815WDWCTX&z=1795011277

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79989
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1504919734&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&ul=en-us&de=UTF-8&dt=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll100%25&ea=undefined&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=363913181.1681316300&tid=UA-214301920-18&_gid=249759236.1681316300&gtm=45He34a0n815WDWCTX&z=1357817939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79989
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/827849146/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827849146/?random=877778059&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.t...
https://www.google.com/pagead/1p-conversion/827849146/?random=877778059&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3...
https://www.google.de/pagead/1p-conversion/827849146/?random=877778059&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3F...

42 B
64 B

78ms
78ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/827849146/?random=877778059&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=87scCLeB_MMDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhN2l3eG9IOGYzTm5FeVdENm1TbnFVN0hBdlc0NXJPRWJ6X09XYWlnVmNQdFMwZW1yaW5ZNUF1&is_vtc=1&ocp_id=zdk2ZJZt0OPrBILrgqAK&cid=CAQSKQBygQiD3tJGn87GSQJXy5bN5vv9nM2whqyO9YjcjdaFBRU6-ZsJzK9f&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39edcXmUlFYzXTLr220l6RErVFUgw0Cf2f7w&random=3101006889&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/827849146/?random=877778059&cv=11&fst=1681316300885&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=87scCLeB_MMDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhN2l3eG9IOGYzTm5FeVdENm1TbnFVN0hBdlc0NXJPRWJ6X09XYWlnVmNQdFMwZW1yaW5ZNUF1&is_vtc=1&ocp_id=zdk2ZJZt0OPrBILrgqAK&cid=CAQSKQBygQiD3tJGn87GSQJXy5bN5vv9nM2whqyO9YjcjdaFBRU6-ZsJzK9f&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39edcXmUlFYzXTLr220l6RErVFUgw0Cf2f7w&random=3101006889&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/827849146/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827849146/?random=1385677016&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/827849146/?random=1385677016&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%...
https://www.google.de/pagead/1p-conversion/827849146/?random=1385677016&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3...

42 B
64 B

54ms
53ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/827849146/?random=1385677016&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=J-aCCPP1-8MDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhNGtaazdEWnh0RGJwYktST3VFZVJlOHBDeWI2MjRXWm9zZThKZF9HVHU0OThSbDB1UTRDT0Vw&is_vtc=1&ocp_id=zdk2ZNpth47rBO3hhrgK&cid=CAQSKQBygQiDqYmZtOo-FHpCSiCNAxFImdQNEsjQl9zZCC5S7z78s70IkipA&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39eW27pvQv054A-lZRQQhCosCsd2E6c5OYKQ&random=1305606475&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/827849146/?random=1385677016&cv=11&fst=1681316300876&bg=ffffff&guid=ON&async=1&gtm=45He34a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&label=J-aCCPP1-8MDELrz34oD&hn=www.googleadservices.com&frm=0&tiba=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&value=0&auid=885929225.1681316300&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOEszWm9RWVFuc215Z09QSXdMUk9FaVVBM3ltMGJteHpFWERXWEdfdTcyejhzNlhyVWp2R3p0dTV2dUdnN1BVbGtmbzFQMTFJGlhDaEVJOEszWm9RWVFtcjc2NGVQM3MtdXJBUkl0QUxaYzJhNGtaazdEWnh0RGJwYktST3VFZVJlOHBDeWI2MjRXWm9zZThKZF9HVHU0OThSbDB1UTRDT0Vw&is_vtc=1&ocp_id=zdk2ZNpth47rBO3hhrgK&cid=CAQSKQBygQiDqYmZtOo-FHpCSiCNAxFImdQNEsjQl9zZCC5S7z78s70IkipA&eitems=ChAI8K3ZoQYQ7OXax5i00PQBEh0AlJ39eW27pvQv054A-lZRQQhCosCsd2E6c5OYKQ&random=1305606475&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6SXZ7Q75S2&gtm=45je34a0&_p=1504919734&cid=363913181.1681316300&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1681316299&sct=1&seg=0&dl=https%3A%2F%2Fwww.tuhocielts.online%2F%3Futm_source%3Dseeding%26utm_medium%3Dpostd%26utm_campaign%3Dcpc%26fbclid%3Diwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8&dt=Tr%E1%BB%8Dn%20b%E1%BB%99%20t%C3%A0i%20li%E1%BB%87u%20IELTS%20t%E1%BB%AB%200%20-%207.5%2B&en=scroll&epn.percent_scrolled=90&_et=10
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6SXZ7Q75S2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tuhocielts.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 16:18:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tuhocielts.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: woznve.tuhocielts.online
URL: https://woznve.tuhocielts.online/events

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tuhocielts.online/	1970-01-20 20:37:56	Name: LADI_DNS_CHECK Value: "2023-04-12 16:18:19.46742597 +0000 UTC m=+640662.030400500"
www.tuhocielts.online/	1970-01-20 20:37:56	Name: LADI_CLIENT_ID Value: 1b8c4a34-906b-453b-5767-c8efe69d519c
www.tuhocielts.online/	1970-01-20 20:37:56	Name: LADI_FORM_SUBMIT Value: 0
www.tuhocielts.online/	1970-01-20 20:37:56	Name: LADI_PAGE_VIEW Value: 1
www.tuhocielts.online/	1970-01-20 11:03:22	Name: _timenow Value: 1681316299831
.tuhocielts.online/	1970-01-20 13:11:32	Name: _gcl_au Value: 1.1.885929225.1681316300
.tuhocielts.online/	1970-01-20 20:37:56	Name: _ga_6SXZ7Q75S2 Value: GS1.1.1681316299.1.0.1681316299.0.0.0
.tuhocielts.online/	1970-01-20 13:11:32	Name: _fbc Value: fb.1.1681316300074.iwar3z8ksoehz2wv1yldignfqekou2nrlznh6ccezfoqwpr0kjwuxquqpnmp8
.tuhocielts.online/	1970-01-20 13:11:32	Name: _fbp Value: fb.1.1681316300075.972393061
.tuhocielts.online/	1970-01-20 20:37:56	Name: _ga Value: GA1.2.363913181.1681316300
.tuhocielts.online/	1970-01-20 11:03:22	Name: _gid Value: GA1.2.249759236.1681316300
.tuhocielts.online/	1970-01-20 11:01:56	Name: _gat_UA-214301920-18 Value: 1
www.tuhocielts.online/	1970-01-20 20:37:56	Name: pushdy_view_times Value: 1
www.tuhocielts.online/	1970-01-20 20:37:56	Name: pdts Value: referral
.doubleclick.net/	1970-01-20 20:23:32	Name: IDE Value: AHWqTUlQtTrHfWVJDcDq4pDeAFQ9sgKHjE-warbsj6Uhy5Rv6MaH2HF9GbK1zid-
www.tuhocielts.online/	1970-01-20 20:37:56	Name: pushdy_last Value: 1681316300554
www.tuhocielts.online/	1970-01-20 20:37:56	Name: pushdy_last_sub Value: 1681316300554

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://woznve.tuhocielts.online/events Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
api-v2.pushdi.com
api.ipify.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.google-analytics.com
sdk.pushdi.com
stats.g.doubleclick.net
tinyurl.com
w.ladicdn.com
woznve.tuhocielts.online
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.tuhocielts.online
woznve.tuhocielts.online
142.250.184.226
173.231.16.77
2001:4860:4802:32::36
2400:52e0:1e00::863:1
2600:9000:2250:5200:1c:1cc7:740:93a1
2600:9000:24a9:8a00:d:3686:78c0:93a1
2606:4700:10::ac43:1e1
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.1.17.18
52.76.186.82
08ea21deb9b290f771ea45c53ac60e9cac4c48ff893647bcc4b9caf980411c69
0ec06672fe3c64b5f9a2734153c38dc3aac1a84dd0c656447e4f393339608db6
202932863cd6c6285f4ecf0ef7e570e40db4b994805b6b0787f1e0943b48612a
218b694037da2533834a6a40746bb0cb11c9a997aec719f9a4d92b4ef3783e11
239d8adc3cdef5f9881dd851ff3f71895a945e45acc622bd4d207fe5e8e08d49
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
285a968a2efb7866e6ab8dfe7a50ac148fdac80c518d888becc49649bd8cce09
4cf7dfadf62141d974da4d1da09b981125df04d9592442c393a135cea4ffd94d
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
50ce5d233dd40b0fa1ca4a7db4b20e1feb6f6ac0328c1681a586bc439e8121d1
510144d4e3e764af9902ea8cdeda032e61eb2db0c800f601e32be7c6e08d979c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6c9c3feed9f914201fb57c17e00234099555b569b8d02459c136232cf224c891
7d8cb717fcd7de5bcdd0d838f52d6e2f28e38be5df80e62020a279e14a206c85
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
913009a37ebf08ca0834322f81da8331a6a9601f6b1b3d8f1347ea1a1ca88c4b
96dd8b78209ba9ddb3aecab394a6094f85792b09b285eb8294e7d1a9beb7130c
98843b97992f3c5534405a9890b7686f3bc1c88cbc802bc5367145457240ef95
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b389e5b1dccf10b0a561cb92b75940089b4502907c6e72d64625aceaa7e6474e
c544a2f507f003ed941027c62aef8f39d9c3720843b48773a5a6d9473ed00f7d
d26e2b006ee263914f71c7fd9615872dd5768736b80d262a52946dffb5fa53ce
d5526c59194f35733dfb85ebf80de1d4a12258b84750dba92d2ec5f440f0ae1d
dc6f762f62dbfce3c08d3aec583e42296ef032bc9161fb63784c26184faa2f94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.tuhocielts.online Open in urlscan Pro 3.1.17.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

93 %HTTPS

79 %IPv6

16 Domains

20 Subdomains

19 IPs

5 Countries

707 kBTransfer

1938 kBSize

17 Cookies

7 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tuhocielts.online Open in urlscan Pro
3.1.17.18 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

93 %
HTTPS

79 %
IPv6

16
Domains

20
Subdomains

19
IPs

5
Countries

707 kB
Transfer

1938 kB
Size

17
Cookies

46 HTTP transactions
0 data transactions